Re: security of the emacs package system, elpa, melpa and marmalade

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: security of the emacs package system, elpa, melpa and marmalade

From:	Ted Zlatanov
Subject:	Re: security of the emacs package system, elpa, melpa and marmalade
Date:	Mon, 30 Sep 2013 09:25:39 -0400
User-agent:	Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux)

On Sun, 29 Sep 2013 14:18:36 -0400 Ted Zlatanov <address@hidden> wrote: 

TZ> Let's just say I'll implement the OpenPGP protocol emulation as in
TZ> http://tools.ietf.org/html/rfc4880 when I get to it, and anyone else
TZ> that thinks it's worthwhile can work with me or do it themselves.

Hmm, looks like libnettle (brought in with GnuTLS) already provides most
of the infrastructure needed.  The question for me is, should I bother
with a full OpenPGP signature emulation, or is it sufficient to
implement RSA/DSA/EC-based signatures for Emacs internal use only?  The
latter is going to be much less work; it's basically exposing the
functions in http://www.lysator.liu.se/~nisse/nettle/nettle.html#RSA
http://www.lysator.liu.se/~nisse/nettle/nettle.html#DSA
http://www.lysator.liu.se/~nisse/nettle/nettle.html#Elliptic-curves to
Emacs.

Ted

[Prev in Thread]

Current Thread

[Next in Thread]

Re: security of the emacs package system, elpa, melpa and marmalade, (continued)

Prev by Date: pp.el: `pp-buffer' not pretty when `print-circle' non-nil
Next by Date: Re: security of the emacs package system, elpa, melpa and marmalade
Previous by thread: Re: security of the emacs package system, elpa, melpa and marmalade
Next by thread: Re: security of the emacs package system, elpa, melpa and marmalade
Index(es):
- Date
- Thread