On 9/30/05, Ken Manheimer <[EMAIL PROTECTED]> wrote: > On 9/30/05, Sascha Wilde <[EMAIL PROTECTED]> wrote: > > On Fri, Sep 30, 2005 at 01:24:14PM -0400, Ken Manheimer wrote: > > [...] > > > topic encryption functionality depends on both mailcrypt and > > > crypt++ packages. (non-encryption allout functionality is not > > > disrupted if either mailcrypt or crypt++ are absent.) > > > > why do you relay on these packages, which aren't part of gnu emacs, > > when we have pgg? > > good question - i wasn't aware of pgg. can you tell me more about it? > i'd be very happy to find a single package that cleanly provides the > encryption interface that allout needs!
andreas pointed me at pgg's bundling in gnus, for which gentoo has an ebuild. i emerged it and got access to gpp and the info file. it looks nice - clean - but appears to have the same drawback, for my purposes, as mailcrypt. it will decrypt messages encoded with a symmetric key, but provides no api for encrypting with a symmetric key. that lack is a show-stopper for my purposes. that mailcrypt and pgg would concentrate on public-key mode makes a lot of sense, considering the ultimate purpose is encryption and/or signing of messages to be exchanged between remote parties - email, news, software packaging, etc. my primary concern for encryption in allout is with conveniently securing notes for oneself. the lattitude of symmetric keys offers much better convenience in that context. i actually inquired on the mailcrypt developers list about the lack of provision for symmetric-key encryption, and the general concensus was that it just was an oversight, not a deliberate avoidance. i presume (as i suggest above) because it's not useful for the message-exchange realm. it may well be that pgg is preferable, somehow, to mailcrypt - they both offer similar functionality, including key caching, as well as the lack of an interface for encrypting with a symmetric key. but the changeover won't gain me anything i can yet see - i'll still need to also use crypt++ for the symmetric key encoding. and the cost in effort of switching from working code would not be trivial, so until/unless i see a compelling gain, or someone else does the integration (and convinces me that pgg is more widespread than mailcrypt), i'm think i'm fine with mailcrypt. ken [EMAIL PROTECTED] _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://lists.gnu.org/mailman/listinfo/emacs-devel