On Fri, 2011-03-04 at 05:47 -0700, Sankar P wrote:
> Will it be not simpler if we can make Evolution use a custom location
> for cache, that the user/root can set ? 
> That way, we don't have to write (and more importantly maintain) yet
> another encryption/decryption library and instead just use a different
> folder for storing all secret/confidential data, which can be a custom
> mount point which runs on encrypted partition. 

I did look at that briefly. But I think it would have problems from both
the implementation and the user experience point of view.

With the encryption handled by e-d-s itself, it's all nice and
self-contained. When it needs a password it can *ask* for it. If it
wants to change the cache-encryption password to match the password for
the online account, then it can handle that too. It's all integrated and
works coherently.

If you start trying to co-ordinate it with an external thing like an
ecryptfs mount point, then there are a bunch of things you have to work
with which are essentially outside your control.

> From a distro point of view, libraries with security packages usually
> have extra maintenance overhead (Are you sure your package is not
> shipped to america-banned countries ? etc.)  So I believe it will be a
> better idea if the [en/de]cryption capable packages are less in
> number. 

I wasn't planning to do any of the actual crypto code directly in
Evolution; I was planning to use NSS for that. The additional
functionality would presumably live inside #ifdef CAMEL_HAVE_NSS, like a
lot of other code in e-d-s already does.


evolution-hackers mailing list
To change your list options or unsubscribe, visit ...

Reply via email to