From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>
Received: from mp2 ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms11 with LMTPS
	id sOwJJ0JR1l9VfQAA0tVLHw
	(envelope-from <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sun, 13 Dec 2020 17:37:06 +0000
Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp2 with LMTPS
	id gJKdIkJR1l80QgAAB5/wlQ
	(envelope-from <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sun, 13 Dec 2020 17:37:06 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 0D194940363
	for <larch@yhetil.org>; Sun, 13 Dec 2020 17:37:06 +0000 (UTC)
Received: from localhost ([::1]:50284 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>)
	id 1koVIu-0006vY-V2
	for larch@yhetil.org; Sun, 13 Dec 2020 12:37:04 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10]:55414)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <bugs@gnu.support>) id 1koVEo-0001LY-OG
 for emacs-orgmode@gnu.org; Sun, 13 Dec 2020 12:32:50 -0500
Received: from stw1.rcdrun.com ([217.170.207.13]:58887)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <bugs@gnu.support>) id 1koVEm-00028w-KV
 for emacs-orgmode@gnu.org; Sun, 13 Dec 2020 12:32:50 -0500
Received: from localhost ([::ffff:197.157.34.185])
 (AUTH: PLAIN securesender, TLS: TLS1.2,256bits,ECDHE_RSA_AES_256_GCM_SHA384)
 by stw1.rcdrun.com with ESMTPSA
 id 00000000000308FB.000000005FD6503E.00004D67; Sun, 13 Dec 2020 10:32:46 -0700
Date: Sun, 13 Dec 2020 18:00:51 +0300
From: Jean Louis <bugs@gnu.support>
To: Ihor Radchenko <yantar92@gmail.com>
Subject: Re: Bring up a screen giving option to open a series of orgmode files
Message-ID: <X9Yso4AGdwleerCJ@protected.rcdrun.com>
References: <rq8g30$66u$1@ciao.gmane.io>
 <X9DKgHWMWCCe02LN@protected.rcdrun.com>
 <rqqov9$724$1@ciao.gmane.io>
 <X9D8LCTVUAtmlwUm@protected.rcdrun.com> <87eejyedba.fsf@localhost>
 <X9MXrOHYXEM/wpd6@protected.rcdrun.com>
 <rr00de$8j0$1@ciao.gmane.io> <87y2i4bc4s.fsf@localhost>
 <X9Q3j3m+i5O/v5Xv@protected.rcdrun.com> <87360a7cz2.fsf@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
In-Reply-To: <87360a7cz2.fsf@localhost>
User-Agent: Mutt/2.0 (3d08634) (2020-11-07)
Received-SPF: pass client-ip=217.170.207.13; envelope-from=bugs@gnu.support;
 helo=stw1.rcdrun.com
X-Spam_score_int: -18
X-Spam_score: -1.9
X-Spam_bar: -
X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: emacs-orgmode@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "General discussions about Org-mode." <emacs-orgmode.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-orgmode>,
 <mailto:emacs-orgmode-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-orgmode>
List-Post: <mailto:emacs-orgmode@gnu.org>
List-Help: <mailto:emacs-orgmode-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-orgmode>,
 <mailto:emacs-orgmode-request@gnu.org?subject=subscribe>
Cc: Maxim Nikulin <manikulin@gmail.com>, emacs-orgmode@gnu.org
Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org
Sender: "Emacs-orgmode" <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>
X-Migadu-Flow: FLOW_IN
X-Migadu-Spam-Score: -1.80
Authentication-Results: aspmx1.migadu.com;
	dkim=none;
	dmarc=none;
	spf=pass (aspmx1.migadu.com: domain of emacs-orgmode-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=emacs-orgmode-bounces@gnu.org
X-Migadu-Queue-Id: 0D194940363
X-Spam-Score: -1.80
X-Migadu-Scanner: scn1.migadu.com
X-TUID: OBB9E4Q9QcFj

* Ihor Radchenko <yantar92@gmail.com> [2020-12-13 03:39]:
> Jean Louis <bugs@gnu.support> writes:
> 
> > For private annotations with hypothes.is one can install it on own
> > server and protect system for one's own group. That will do only a
> > group that is serious enough or have serious demands for annotations.
> 
> > Myself I do not prefer having too much software installed online
> > especially not databases that are private. What is private I keep off
> > the Internet. If I wish to communicate over Internet to somebody I
> > always establish first encrypted line.
> 
> I have hypothes.is installed inside docker container locally. No serious
> protection is required in such case (at least, no more than one would
> use to protect private files from dangerous software like browsers).

I can install it on VPS which is definitely in plan. Locally I do not
think so, as locally I have dynamic knowledge repository that may
export to Org if necessary or accessed by collaborative group of
people. 

> Public annotations would better be just exported to a public server
> (automatically or not).

When they are public yes. I have it rather private.

> > example.com/1/2/3/4 for ID 1234
> >
> > That would be HTML with PDF annotation where user could open PDF
> > inside of that HTML or click on the PDF to open it. I do hope that
> > pdfjs does support specific page jumps. And such annotation on HTML
> > should work with or without Javascript. Those without can simply open
> > PDF file and manually jump to specific page as annotated and
> > instructed.
> 
> I am not sure how it is different from using hypothes.is for the same
> purpose. Note that hypothes.is uses pdf fingerprinting, so you don't
> even need to store pdf on server side. If user can open the pdf
> (obtained from you directly, for example), hypothes.is will
> automatically show the up-to-date annotations shared via public
> hypothes.is instance for that particular user.

The difference is that annotation is separate from file, and there is
no need for Javascript. Hyperdocument may contain the PDF file and the
annotation together, dispatched to somebody, or referenced from WWW
page. It is lightweight. HTML file can be very small and speedy
loaded. 

> > Then I would inject web server password protection and protect it from
> > public. But that does not protect the document of those who could
> > intrude into the server and also does not protect from cracking
> > attempts as username and password are not alone well secure. Better
> > would be having the encrypted HTML that is protected by user's private
> > PGP key, but I have no idea if such technology exists yet.
> 
> hypothes.is uses OAuth mechanism with fine-grained control over the
> access to various annotations. Also, one can run it inside encrypted
> docker container (or even inside virtual machine) reducing the risk if
> server is compromised.

That is great yet introduces 2 different tools for one purpose. While
I support Hypothesi.is in general and will be using its hyperlinks for
some public purposes, those private purposes will remain off line and
I need not have any extra software to have my group of people learning
from annotated PDFs. They would be in local area network or VPN in
collaborative environment backed by database where they can open and
read PDFs without browser, Emacs is enough to browse it or exported to
some other format I can make it as well HTML or provide hyperlinks as
I wish, including to open it with the PDF in a built-in browser.  Each
software for its purpose. I recommended hypothesi.is but I already
have similar system built on same principles of Engelbart just as
Hypothes.is

Jean