Bug#503096: ITP: alpaca -- GnuPG file handling for Emacs
reassign 503096 emacs-goodies-el retitle 503096 emacs-goodies-el: please include alpaca.el thanks On November 3, 2008 at 1:08PM +0100, zack (at debian.org) wrote: > On Mon, Nov 03, 2008 at 08:51:55PM +0900, Tatsuya Kinoshita wrote: > > I don't intend to push alpaca into the Emacs main tree. Please > > allow making just an optional Debian package. > > > > Does anyone still strongly have objection to this ITP? If so, > > please tell me against the above comments. > > Yes, I still object the ITP. If you firmly believe that it can not > (easily) be integrated into Emacs main tree, at least put it into > emacs-goodies-el: alpaca is still *a single file*, we don't want > 1-filer packages in the archive. Really. On November 5, 2008 at 8:24AM +0100, joerg (at debian.org) wrote: > Yes I have, this package for *one single file* won't make it into > Debian, sorry. Please have it included in emacs-goodies-el, it seems to > fit very well there. Reassigning this bug to the emacs-goodies-el package. I'll make a patch to merge alpaca.el into the emacs-goodies-el package soon. Though I don't think an upstream single file must not be packaged, the emacs-goodies-el package seems to fit for alpaca.el. Thanks, -- Tatsuya Kinoshita pgpZM23XyIfZh.pgp Description: PGP signature
Bug#503096: ITP: alpaca -- GnuPG file handling for Emacs
>> > Hence the question goes as: considering that the next release of >> > Debian is most likely going to be released with Emacs (>= 23.1), which >> > is integrated properly with EasyPG, do we need alpaca in Debian? I >> > believe the answer is «no». >> I think that the alpaca package isn't meaningless even if less >> people use alpaca than EasyPG. >> `alpaca' uses symmetric encryption with "--cipher-algo AES" for a >> new *.gpg file by default, while I haven't found an easy way to >> customizet EasyPG. >> To avoid the complexity of handling *.gpg files, I won't enable the >> alpaca feature if EasyPG is installed, and I'll suggest EasyPG and >> add more information in the alpaca package document. > I don't intend to push alpaca into the Emacs main tree. Please > allow making just an optional Debian package. > Does anyone still strongly have objection to this ITP? If so, > please tell me against the above comments. Yes I have, this package for *one single file* won't make it into Debian, sorry. Please have it included in emacs-goodies-el, it seems to fit very well there. -- bye, Joerg [Talking about Social Contract]: We will not discriminate noone[...] [So we discriminate anyone?] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#503096: ITP: alpaca -- GnuPG file handling for Emacs
On October 26, 2008 at 9:12PM +0900, tats (at debian.org) wrote: > On October 26, 2008 at 11:11AM +0100, > zack (at debian.org) wrote: > > > Indeed, the fact that EasyPG is now integrated in development version > > of Emacs is my main reason for objecting this ITP. > [...] > > Hence the question goes as: considering that the next release of > > Debian is most likely going to be released with Emacs (>= 23.1), which > > is integrated properly with EasyPG, do we need alpaca in Debian? I > > believe the answer is «no». [...] > I think that the alpaca package isn't meaningless even if less > people use alpaca than EasyPG. > > `alpaca' uses symmetric encryption with "--cipher-algo AES" for a > new *.gpg file by default, while I haven't found an easy way to > customizet EasyPG. > > To avoid the complexity of handling *.gpg files, I won't enable the > alpaca feature if EasyPG is installed, and I'll suggest EasyPG and > add more information in the alpaca package document. I don't intend to push alpaca into the Emacs main tree. Please allow making just an optional Debian package. Does anyone still strongly have objection to this ITP? If so, please tell me against the above comments. If not, I'll make and upload the package soon. Thanks, -- Tatsuya Kinoshita pgpqOuof8axgD.pgp Description: PGP signature
Bug#503096: ITP: alpaca -- GnuPG file handling for Emacs
On October 26, 2008 at 3:34PM +, rswarbrick (at googlemail.com) wrote: > > `alpaca' uses symmetric encryption with "--cipher-algo AES" for a > > new *.gpg file by default, while I haven't found an easy way to > > customizet EasyPG. > > > > Anyway, the point of this post: gpg's default symmetric encryption > algorithm is CAST5 [1]. Looking through the epg code, I agree that there > isn't currently a way to customise this. [...] > However, I'm sure that the epg maintainers would be interested in > patches and/or further discussion about this. Maybe you should take the > topic to their mailing list? This is now discussed with the EasyPG author at Debian BTS here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503302#16 Thanks, -- Tatsuya Kinoshita pgpxhSVzqWMaA.pgp Description: PGP signature
Bug#503096: ITP: alpaca -- GnuPG file handling for Emacs
Tatsuya Kinoshita <[EMAIL PROTECTED]> writes: > I think that the alpaca package isn't meaningless even if less > people use alpaca than EasyPG. Grr. It's FEWER! > > `alpaca' uses symmetric encryption with "--cipher-algo AES" for a > new *.gpg file by default, while I haven't found an easy way to > customizet EasyPG. > Anyway, the point of this post: gpg's default symmetric encryption algorithm is CAST5 [1]. Looking through the epg code, I agree that there isn't currently a way to customise this. However, a lot of the infrastructure to make this easy is available: in epg.el line 36 there is a constant, epg-cipher-algorithm-alist. Using that as a filter, it would be quite simple to add a selection mechanism for the output type. I don't intend to do this, since I'm not sure what the appropriate semantics would be: should the user be pestered? should it be available via some prefix arg? Certainly there should be a customisation option. However, I'm sure that the epg maintainers would be interested in patches and/or further discussion about this. Maybe you should take the topic to their mailing list? Rupert [1] See the gpg manpage, COMMANDS section, under -c. pgpHHEAM08vJA.pgp Description: PGP signature
Bug#503096: ITP: alpaca -- GnuPG file handling for Emacs
On October 26, 2008 at 11:11AM +0100, zack (at debian.org) wrote: > Indeed, the fact that EasyPG is now integrated in development version > of Emacs is my main reason for objecting this ITP. [...] > Hence the question goes as: considering that the next release of > Debian is most likely going to be released with Emacs (>= 23.1), which > is integrated properly with EasyPG, do we need alpaca in Debian? I > believe the answer is «no». [...] > > `alpaca' just provides a hook function for *.gpg file handling. > > Meanwhile EasyPG is a powerful tool which also provides keyring > > browser, dired integration, mail functions and so on. So, the > > source code of alpaca is more small and simple. > > Yes, but EasyPG is integrated with a package we already have, and the > complexity you are mentioning is not exposed to the random user of > *.gpg files. I think that the alpaca package isn't meaningless even if less people use alpaca than EasyPG. `alpaca' uses symmetric encryption with "--cipher-algo AES" for a new *.gpg file by default, while I haven't found an easy way to customizet EasyPG. To avoid the complexity of handling *.gpg files, I won't enable the alpaca feature if EasyPG is installed, and I'll suggest EasyPG and add more information in the alpaca package document. FYI: you may enable both alpaca and EasyPG's epa-file with setting alpaca-regex-suffix to "\\.gnupg$" (other than ".gpg"). Thanks, -- Tatsuya Kinoshita pgpIOu6mZ3A0R.pgp Description: PGP signature
Bug#503096: ITP: alpaca -- GnuPG file handling for Emacs
On Thu, Oct 23, 2008 at 11:14:53PM +0900, Tatsuya Kinoshita wrote: > > I think that a package for one single file is too much. I agree with Luca here. FWIW I also formally object to this ITP. > Even so, the Debian package is helpful for users to install, > upgrade and use it. This is not an argument per se. Everything which should be installed on user machines can benefit to be managed as a package. Still, we have trade-offs to do about the maintainability of our package base. > `alpaca' is an old and simple way. > > The old version of alpaca (named gpg.el) was released in 2003 and > has been useful ever since. EasyPG, "yet another GnuPG interface > for Emacs", version 0.0.1 was released in 2006, and then merged the > development version of Emacs (will be 23.1 release) in 2008. Indeed, the fact that EasyPG is now integrated in development version of Emacs is my main reason for objecting this ITP. I'm using emacs-snapshot from [1] and without any configuration at all *.gpg files are handled properly. The level of integration is the same I used to have with gnupg.vim as shipped by vim-scripts. Hence the question goes as: considering that the next release of Debian is most likely going to be released with Emacs (>= 23.1), which is integrated properly with EasyPG, do we need alpaca in Debian? I believe the answer is «no». [1] http://emacs.orebokech.com/ > `alpaca' just provides a hook function for *.gpg file handling. > Meanwhile EasyPG is a powerful tool which also provides keyring > browser, dired integration, mail functions and so on. So, the > source code of alpaca is more small and simple. Yes, but EasyPG is integrated with a package we already have, and the complexity you are mentioning is not exposed to the random user of *.gpg files. Cheers. -- Stefano Zacchiroli -*- PhD in Computer Science \ PostDoc @ Univ. Paris 7 [EMAIL PROTECTED],pps.jussieu.fr,debian.org} -<>- http://upsilon.cc/zack/ Dietro un grande uomo c'è sempre /oo\ All one has to do is hit the right uno zaino-- A.Bergonzoni \__/ keys at the right time -- J.S.Bach signature.asc Description: Digital signature
Bug#503096: ITP: alpaca -- GnuPG file handling for Emacs
Hi Luca, thanks for the comment. On October 22, 2008 at 7:18PM +0200, luca (at pca.it) wrote: > > * Package name: alpaca > [...] > > * URL : http://www.mew.org/~kazu/proj/cipher/ > > I think that a package for one single file is too much. Even so, the Debian package is helpful for users to install, upgrade and use it. > > Description : GnuPG file handling for Emacs > > `alpaca' is an Emacs Lisp package to edit GnuPG files encrypted with > > shared-key cryptography on GNU Emacs. > > . > > If this package is installed, when handling of a file whose suffix > > is ".gpg", this package asks your passphrase and then the file is > > automatically decrypted/encrypted. > > What are the advantages of alpaca over EasyPG [1]? FWIW with EasyPG you > get the same behavior when you handle a .gpg file and I was thinking > that (finally) EasyPG was the Emacs choice for everything GPG related. `alpaca' is an old and simple way. The old version of alpaca (named gpg.el) was released in 2003 and has been useful ever since. EasyPG, "yet another GnuPG interface for Emacs", version 0.0.1 was released in 2006, and then merged the development version of Emacs (will be 23.1 release) in 2008. `alpaca' just provides a hook function for *.gpg file handling. Meanwhile EasyPG is a powerful tool which also provides keyring browser, dired integration, mail functions and so on. So, the source code of alpaca is more small and simple. If you always use symmetric (shared-key) encryption for *.gpg files, alpaca is fit for you. Because alpaca always use symmetric encryption, while EasyPG asks user to select recipients and then symmetric encryption is used if no one is selected. Anyway, I'll add more information to the package description and README.Debian. Also, I'll consider the conflict of EasyPG. The alpaca feature should not be enabled when EasyPG's epa-file feature is enabled. Thanks, -- Tatsuya Kinoshita pgpTD4VkwQOaz.pgp Description: PGP signature
Bug#503096: ITP: alpaca -- GnuPG file handling for Emacs
Hi Tatsuya! On Wed, 22 Oct 2008 15:58:11 +0200, Tatsuya Kinoshita wrote: > * Package name: alpaca [...] > * URL : http://www.mew.org/~kazu/proj/cipher/ I think that a package for one single file is too much. > Description : GnuPG file handling for Emacs > `alpaca' is an Emacs Lisp package to edit GnuPG files encrypted with > shared-key cryptography on GNU Emacs. > . > If this package is installed, when handling of a file whose suffix > is ".gpg", this package asks your passphrase and then the file is > automatically decrypted/encrypted. What are the advantages of alpaca over EasyPG [1]? FWIW with EasyPG you get the same behavior when you handle a .gpg file and I was thinking that (finally) EasyPG was the Emacs choice for everything GPG related. Thx, bye, Gismo / Luca Footnotes: [1] http://www.easypg.org/ pgpCLRO6AwBSJ.pgp Description: PGP signature
Bug#503096: ITP: alpaca -- GnuPG file handling for Emacs
Package: wnpp Severity: wishlist Owner: Tatsuya Kinoshita <[EMAIL PROTECTED]> * Package name: alpaca Version : 0.13 Upstream Author : Kazu Yamamoto * URL : http://www.mew.org/~kazu/proj/cipher/ * License : BSD Programming Lang: Emacs Lisp Description : GnuPG file handling for Emacs `alpaca' is an Emacs Lisp package to edit GnuPG files encrypted with shared-key cryptography on GNU Emacs. . If this package is installed, when handling of a file whose suffix is ".gpg", this package asks your passphrase and then the file is automatically decrypted/encrypted. Thanks, -- Tatsuya Kinoshita pgpMbtX0HKPN5.pgp Description: PGP signature
