Re: Feature request: Selective encryption

emacs-orgmode@gnu.org archives
 help / color / mirror / code / Atom feed

From: Austin Frank <austin.frank@gmail.com>
To: emacs-orgmode@gnu.org
Subject: Re: Feature request: Selective encryption
Date: Sat, 01 Sep 2007 09:54:59 +0300	[thread overview]
Message-ID: <m08x7qq3i4.fsf@cs78150123.pp.htv.fi> (raw)
In-Reply-To: m2sl5zkm2s.fsf@gmail.com

On Sat, Sep 01 2007, Anupam Sengupta wrote:

> I use epg to encrypt the org-mode files. EPG expects the files to have
> a suffix of .gpg, which conflicts with the .org suffix - however, I
> circumvent this with a file local mode setting as the first line in my
> org files:
>
> # -*- mode: org; epa-file-encrypt-to: ("<my private key email ID here>"); coding: utf-8-unix; -*-
>
> This allows the file's major mode to be Org-mode.
>
> In addition, the archive files are also encrypted, and hence an
> over-ride is needed for the file name (otherwise the defaults will
> conflict):
>
> I have ...
>
> #+ARCHIVE: ~/org/<filename>.org_archive.gpg::
>
> In my active Org files - which works fine for the archival process,
> and ensures that the archives are also encrypted.

A few other options:

    - EPG also has the function epa-encrypt-region.  It asks for a
      recipient's key to use for encrypting, and does symmetric
      encryption if none is selected.  This could be used to selectively
      encrypt certain subtrees.  Especially given that...

    - message-mode has functions like mml-secure-encrypt (there are lots
      of others in the mml-secure-* family).  These functions use the
      strategy of inserting tags around the region to be encrypted.  I
      haven't actually read the functions, but from the outside it looks
      like the tags are used to set the region, the region is
      encrypted/signed, and then the tags are removed from the outgoing
      copy of the message.  FWIW, the tags look like (the leading # was
      added by me to keep the tag from actually doing anything in this
      message):

#        <#secure method=pgpmime mode=sign>

For interactive encrypting, I think epa-encrypt-region is probably
already good enough to do what folks have asked for.  For permanently
marking a subtree for encryption, maybe we could set a property like
ENCRYPT_CHILDREN, or set pairs of properties like ENCRYPT_BEGIN and
ENCRYPT_END.  The presence of these properties would cause the
appropriate region to be selected and passed to epa-encrypt-region when
org-encrypt-subtrees or org-encrypt-buffer is called (just speculating
about some possible function names).  Maybe on org-encrypt-buffer the
default is to call epa-encrypt-file unless some portion of the file is
marked for encryption, in which case it calls epa-encrypt-region on the
appropriate text.

The values of the ENCRYPT_* properties could be the key to use, or just
t.  If the value is t, either the key will be pulled from a file-level
variable, or the user will be prompted for which key to use (as
epa-encrypt-region normally does).

Thanks,
/au

-- 
Austin Frank
http://aufrank.net
GPG Public Key (D7398C2F): http://aufrank.net/personal.asc

next prev parent reply	other threads:[~2007-09-01  6:55 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-08-31  3:10 Feature request: Selective encryption John Wiegley
2007-08-31 13:34 ` John Rakestraw
2007-08-31 14:04 ` Carsten Dominik
2007-08-31 15:26   ` John Rakestraw
2007-08-31 19:28   ` John Wiegley
2007-09-01 10:29     ` Carsten Dominik
2007-09-02  8:20     ` Xavier Maillard
2007-09-02 20:14       ` John Wiegley
2007-09-03  1:00         ` Xavier Maillard
2007-08-31 21:11   ` Austin Frank
2007-09-01  5:10     ` Anupam Sengupta
2007-09-01  6:54       ` Austin Frank [this message]
2007-09-03  1:00         ` Xavier Maillard
2007-09-04  4:49       ` Dmitri Minaev
2007-09-05  1:00         ` Xavier Maillard
2007-09-05  4:18           ` Dmitri Minaev
2007-09-10  1:00             ` Xavier Maillard
2007-09-03  1:00     ` Xavier Maillard
2007-09-02  8:20   ` Xavier Maillard
2007-08-31 15:00 ` Bastien
2007-09-02  8:20   ` Xavier Maillard
2007-08-31 15:23 ` Scott Jaderholm
2007-09-02  8:21   ` Xavier Maillard

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://www.orgmode.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=m08x7qq3i4.fsf@cs78150123.pp.htv.fi \
    --to=austin.frank@gmail.com \
    --cc=emacs-orgmode@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).