Re: convenient digital signing for el files and snippets

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: convenient digital signing for el files and snippets

From:	Ted Zlatanov
Subject:	Re: convenient digital signing for el files and snippets
Date:	Wed, 09 Mar 2011 09:33:00 -0600
User-agent:	Gnus/5.110014 (No Gnus v0.14) Emacs/24.0.50 (gnu/linux)

On Wed, 09 Mar 2011 00:12:13 -0600 Joseph Gay <address@hidden> wrote: 

JG> In short, add an Emacs command/function to sign an elisp file or snippet
JG> with a comment indicating the signer and signature, and another
JG> command/function to verify the signature.

I think it's better to sign a package than individual files:

- the package manager can do the verification at install time (once)

- there's already a packaging process which can easily have the extra
  signing step, and packages have metadata we can use

- signing a package would cover all the files, not just Emacs Lisp
  files, and would be done just once per package

- the Emacs Lisp code doesn't have to be polluted by the signing info

- older and legacy code doesn't have to be modified to be signed

So I think it's good to have the support you mentioned but for
package.el instead of at the Emacs Lisp code level.

Ted

[Prev in Thread]

Current Thread

[Next in Thread]

convenient digital signing for el files and snippets, Joseph Gay, 2011/03/09
- Re: convenient digital signing for el files and snippets, Ted Zlatanov <=
  - Re: convenient digital signing for el files and snippets, Joseph Gay, 2011/03/09
    - Re: convenient digital signing for el files and snippets, Ted Zlatanov, 2011/03/09

Prev by Date: Re: Typesetting non-ASCII names in Emacs manuals
Next by Date: `custom-file' and init-file [was: user-controlled load-path extension: load-dir]
Previous by thread: convenient digital signing for el files and snippets
Next by thread: Re: convenient digital signing for el files and snippets
Index(es):
- Date
- Thread