[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
convenient digital signing for el files and snippets
|
From: |
Joseph Gay |
|
Subject: |
convenient digital signing for el files and snippets |
|
Date: |
Wed, 09 Mar 2011 00:12:13 -0600 |
|
User-agent: |
Gnus/5.110014 (No Gnus v0.14) Emacs/23.2 (gnu/linux) |
Hi,
I noticed a recent discussion regarding trust with emacswiki et al, and
I have a half-baked idea for increasing user convenience. I'm posting
here for help in gauging viability and usefulness or lack thereof.
In short, add an Emacs command/function to sign an elisp file or snippet
with a comment indicating the signer and signature, and another
command/function to verify the signature.
Usage scenario:
With something like el-get or autoinstall, it is easy to
update a large library or module from emacswiki or other public URI.
However, it is always advisable to check the diff prior to updating
since it is hard to be sure who made what changes.
However, if the file was signed, and contained the signature, it would
be trivial to see whether the signature is valid using a trusted public
key, and let the user know if not and then decide what to do (look at a
diff, look up the key, view changelogs, etc.).
Convenience comes from knowing when a file or snippet is modified by
someone you trust, and thus not having to scan through myriad diffs and
look for possible problems.
Technical details:
Sign a sha1 hash of the file or snippet contents with any existing
signature information removed. Signature for a file is a comment before
the ;;; <file>.el ends here line like ;; Signed <email> <signature>. A
signature for a snippet starts ;;; snip <description> and ends with the
signature line. In this fashion, it should be possible to have a file
containing multiple signed snippets as well as a signed file. The Emacs
command would take care of signing with the user's preferred key and
adding the required comment lines.
There would be one signature (if any), per snippet or file, simply
indicating the last person claiming to be responsible for a particular
sha1. If that person is trusted, and the sha1 matches, all is well. This
is not applicable to git controlled files as git already provides a sha1
for the entire repo and allows annotated tags to be signed.
I'd be happy to implement this functionality if it could work. Any
thoughts?
- convenient digital signing for el files and snippets,
Joseph Gay <=