[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Suggestion for epa-mail-mode
|
From: |
ken manheimer |
|
Subject: |
Re: Suggestion for epa-mail-mode |
|
Date: |
Mon, 20 Dec 2010 17:52:16 -0500 |
On Mon, Dec 20, 2010 at 5:22 PM, Leo <address@hidden> wrote:
>
> Hello Ken,
>
> On 2010-07-26 16:12 +0100, ken manheimer wrote:
> > I'LL be working on it all in a few weeks, with priority on the pgg ->
> > epg migration.
>
> Thank you for fixing allout.el for epg ;)
thanks, leo. i'm genuinely sorry it took so long.
in fact, there were some substantial features i had to trade-off in
the transition. allout is more cumbersome and error-prone for dealing
with symmetric encodings for numerous encrypted entries in a file,
because i had to let go of encryption passphrase validation and
hinting. that comes in exchange for significantly less insecurity due
to no handling of passphrases in emacs code. instead, as always when
using epg with GnuPG version 2, all passphrase handling is outside of
emacs, in gnupg's gpg, gpg-agent, and pinentry, which i expect are
drastically less vulnerable.
it is for that reason that i was ultimately willing to forego those
features, though i wish i could have more control without greater
vulnerability...
ken
> Kind regards,
> Leo