Bill Allombert writes ("Re: [Popcon-developers] Encrypted popcon submissions"):
> I just released popularity-contest 1.60 with encryption enabled by default.
Well done.
Thanks,
Ian.
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "uns
On Sun, Aug 04, 2013 at 03:54:25PM +0200, Bill Allombert wrote:
> Well I have fixed this problem in popcon 1.59 by using a temporary GPGHOME
> that I remove afterward.
>
> If no more problem are found, I will release 1.60 in September with
> ENCRYPT=maybe
> by default (i.e. encrypt if gpg is avai
On Wed, Jul 10, 2013 at 04:14:02PM +0200, Bill Allombert wrote:
> On Tue, Jul 02, 2013 at 11:27:12PM +0200, Bill Allombert wrote:
> > On Fri, Jun 21, 2013 at 05:08:08PM +0200, Bill Allombert wrote:
> > > Dear Debian people,
> > >
> > > I upload popularity-contest 1.58 which add support for encrypt
On Fri, Jul 12, 2013 at 10:30:49PM +, brian m. carlson wrote:
> On Thu, Jul 11, 2013 at 03:33:21PM +0200, Bill Allombert wrote:
> > GPG=/usr/bin/gpg
> > if [ "$ENCRYPT" = "yes" ] && [ -x "$GPG" ]; then
> > POPCONGPG="$POPCON.gpg"
> > rm -f "$POPCONGPG"
> > $GPG --no-default-keyring --keyr
On Sat, 2013-07-13 at 15:32:15 +, brian m. carlson wrote:
> On Sat, Jul 13, 2013 at 02:33:57PM +0200, Guillem Jover wrote:
> > Hmm, do you have a reference? I've looked in the gnupg git master and
> > stable-2.0 branches and I don't see any obvious mention of this on the
> > NEWS file, or commi
On Sat, Jul 13, 2013 at 02:33:57PM +0200, Guillem Jover wrote:
> Hmm, do you have a reference? I've looked in the gnupg git master and
> stable-2.0 branches and I don't see any obvious mention of this on the
> NEWS file, or commit messages after a quick search. I'd fine it very
> strange that such
Hi!
On Fri, 2013-07-12 at 22:30:49 +, brian m. carlson wrote:
> On Thu, Jul 11, 2013 at 03:33:21PM +0200, Bill Allombert wrote:
> > GPG=/usr/bin/gpg
> > if [ "$ENCRYPT" = "yes" ] && [ -x "$GPG" ]; then
> > POPCONGPG="$POPCON.gpg"
> > rm -f "$POPCONGPG"
> > $GPG --no-default-keyring --key
On Fri, Jul 12, 2013 at 10:30:49PM +, brian m. carlson wrote:
> On Thu, Jul 11, 2013 at 03:33:21PM +0200, Bill Allombert wrote:
> > GPG=/usr/bin/gpg
> > if [ "$ENCRYPT" = "yes" ] && [ -x "$GPG" ]; then
> > POPCONGPG="$POPCON.gpg"
> > rm -f "$POPCONGPG"
> > $GPG --no-default-keyring --keyr
On Thu, Jul 11, 2013 at 03:33:21PM +0200, Bill Allombert wrote:
> GPG=/usr/bin/gpg
> if [ "$ENCRYPT" = "yes" ] && [ -x "$GPG" ]; then
> POPCONGPG="$POPCON.gpg"
> rm -f "$POPCONGPG"
> $GPG --no-default-keyring --keyring "$KEYRING" --trust-model=always \
I know you're using GnuPG 1.x here, but
On Thu, Jul 11, 2013 at 5:15 PM, Daniel Leidert wrote:
> Am Donnerstag, den 11.07.2013, 15:33 +0200 schrieb Bill Allombert:
> JFTR: The file secring.gpg can be avoided using
> --secret-keyring=/dev/null but I don't know how to suppress the creation
> of trustdb.gpg.
Note that you can't use that f
Am Donnerstag, den 11.07.2013, 15:33 +0200 schrieb Bill Allombert:
[use gpg but don't write to root/.gnupg]
> Below is the code in /etc/cron.daily/popularity-contest
>
> GPG=/usr/bin/gpg
> if [ "$ENCRYPT" = "yes" ] && [ -x "$GPG" ]; then
> POPCONGPG="$POPCON.gpg"
> rm -f "$POPCONGPG"
> $GPG
On Wed, Jul 10, 2013 at 11:36:02PM +0200, Daniel Leidert wrote:
> Am Mittwoch, den 10.07.2013, 16:14 +0200 schrieb Bill Allombert:
> > On Tue, Jul 02, 2013 at 11:27:12PM +0200, Bill Allombert wrote:
> > > On Fri, Jun 21, 2013 at 05:08:08PM +0200, Bill Allombert wrote:
> > > > Dear Debian people,
>
Am Mittwoch, den 10.07.2013, 16:14 +0200 schrieb Bill Allombert:
> On Tue, Jul 02, 2013 at 11:27:12PM +0200, Bill Allombert wrote:
> > On Fri, Jun 21, 2013 at 05:08:08PM +0200, Bill Allombert wrote:
> > > Dear Debian people,
> > >
> > > I upload popularity-contest 1.58 which add support for encryp
On Tue, Jul 02, 2013 at 11:27:12PM +0200, Bill Allombert wrote:
> On Fri, Jun 21, 2013 at 05:08:08PM +0200, Bill Allombert wrote:
> > Dear Debian people,
> >
> > I upload popularity-contest 1.58 which add support for encrypted
> > submissions.
> > For this release it is not activated by default.
On Fri, Jun 21, 2013 at 05:08:08PM +0200, Bill Allombert wrote:
> Dear Debian people,
>
> I upload popularity-contest 1.58 which add support for encrypted submissions.
> For this release it is not activated by default.
> Please help test this feature by adding
> ENCRYPT="yes"
> to /etc/popularity
Le Friday 21 June 2013 17:08:08, Bill Allombert a écrit :
> I upload popularity-contest 1.58 which add support for encrypted
> submissions. For this release it is not activated by default.
> Please help test this feature by adding
> ENCRYPT="yes"
> to /etc/popularity-contest.conf to activate it.
C
[Paul Wise]
> This could be solved by having a mapping between encryption keys and
> URLs. A mechanism that would allow derivatives to just drop some
> files/dirs into their base-files package would probably be the
> easiest.
I suspect the easiest way would be to allow more than one GPG key to
be
On Sat, Jun 22, 2013 at 12:00 PM, Petter Reinholdtsen wrote:
> I suspect the new encryption feature would break
> popcon.skolelinux.org, as we have not investigated the new feature and
> use popularity-contest directly from Debian. Our collector would
> start getting encrypted submissions and lac
[Paul Wise]
> I wonder if the release team would accept a backport of these
> features to popcon in stable/oldstable. GPG and time truncation are
> security enhancements and reporting the dpkg Vendor field is very
> useful and has no risks. Once GPG is tested, would you consider
> doing a stable/ol
On Fri, Jun 21, 2013 at 11:08 PM, Bill Allombert wrote:
> I upload popularity-contest 1.58 which add support for encrypted submissions.
...
> Once this feature has seen proper testing, we will activate it by default.
...
> * popularity-contest now report the dpkg Vendor field. This will allow to
* Bill Allombert , 2013-06-21, 17:08:
I upload popularity-contest 1.58 which add support for encrypted
submissions.
Great news. :-)
BTW, you probably want to pass --no-options to gpg.
--
Jakub Wilk
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscr
Hi,
Am 21.06.2013 17:08, schrieb Bill Allombert:
> * popularity-contest now report the dpkg Vendor field. This will allow to
> track submission by derivative distribution.
Thanks for that, that sounds immensly useful.
I hope popcon.d.o is updated to make use of that information.
Michael
--
W
Dear Debian people,
I upload popularity-contest 1.58 which add support for encrypted submissions.
For this release it is not activated by default.
Please help test this feature by adding
ENCRYPT="yes"
to /etc/popularity-contest.conf to activate it.
Once this feature has seen proper testing, we w
On Thu, 16 May 2013, Bill Allombert wrote:
> On Sat, May 11, 2013 at 11:43:25AM +0200, Bill Allombert wrote:
> > > Why do you think this is too much for popov to handle?
> >
> > I did some benchmark. Currently popov CPU has about 20% of a real CPU.
> > Currently processing the popcon data takes
On Sat, May 11, 2013 at 11:43:25AM +0200, Bill Allombert wrote:
> > Why do you think this is too much for popov to handle?
>
> I did some benchmark. Currently popov CPU has about 20% of a real CPU.
> Currently processing the popcon data takes between 6h30 and 8h30.
> At this rate decrypting the r
On Sat, May 11, 2013 at 11:43:25AM +0200, Bill Allombert wrote:
> On Fri, May 10, 2013 at 10:44:25PM +0200, Peter Palfrader wrote:
> > On Fri, 10 May 2013, Bill Allombert wrote:
> >
> > > I am considering activating encryption of popularity-contest submissions
> > > using public key cryptography t
On Fri, May 10, 2013 at 09:53:25PM +0100, Ian Jackson wrote:
> Bill Allombert writes ("encrypted popcon submissions"):
> > The drawback is the computing cost on the server. Currently we are
> > processing about 25000 report each days, which would require about 2
> &
On Fri, May 10, 2013 at 10:44:25PM +0200, Peter Palfrader wrote:
> On Fri, 10 May 2013, Bill Allombert wrote:
>
> > I am considering activating encryption of popularity-contest submissions
> > using public key cryptography to protect popcon submission while in transit.
>
> Do you think the benefi
On Sat, May 11, 2013 at 8:40 AM, Charles Plessy wrote:
> sorry if it is a naive question: by "public key cryptography", do you mean GPG
> or TLS ?
He is talking about OpenPGP and gpg, TLS wouldn't be helpful since
popcon uses either SMTP or HTTP.
--
bye,
pabs
http://wiki.debian.org/PaulWise
Le Fri, May 10, 2013 at 10:02:06PM +0200, Bill Allombert a écrit :
>
> I am considering activating encryption of popularity-contest submissions
> using public key cryptography to protect popcon submission while in transit.
Hello Bill,
sorry if it is a naive question: by "public key cryptography"
* Peter Palfrader , 2013-05-10, 22:44:
On Fri, 10 May 2013, Bill Allombert wrote:
I am considering activating encryption of popularity-contest
submissions using public key cryptography to protect popcon submission
while in transit.
I think encrypting popcon submissions in an excellent idea.
Peter Palfrader writes ("Re: encrypted popcon submissions"):
> Do you think the benefits outweight the drawback that the admin no
> longer can be certain we don't send anything we shouldn't?
This is a very good point but it can be easily dealt with: the
encrypt
On Fri, 10 May 2013, Bill Allombert wrote:
> I am considering activating encryption of popularity-contest submissions
> using public key cryptography to protect popcon submission while in transit.
Do you think the benefits outweight the drawback that the admin no
longer can be certain we don't se
Bill Allombert writes ("encrypted popcon submissions"):
> The drawback is the computing cost on the server. Currently we are
> processing about 25000 report each days, which would require about 2
> hours of 'real' CPU time to decrypt, which is too much for
> pop
Dear developers,
I am considering activating encryption of popularity-contest submissions
using public key cryptography to protect popcon submission while in transit.
This means
- The popularity-contest package will include a public key that will be used to
encrypt
report.
- The popcon.debian.
35 matches
Mail list logo
