From mboxrd@z Thu Jan 1 00:00:00 1970 From: =?ISO-8859-1?Q?Andreas_R=F6hler?= Subject: Re: org-mobile-use-encryption Date: Wed, 13 Oct 2010 16:02:39 +0200 Message-ID: <4CB5BBFF.9040505@easy-emacs.de> References: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Return-path: Received: from [140.186.70.92] (port=55609 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1P61vZ-0003lQ-1o for emacs-orgmode@gnu.org; Wed, 13 Oct 2010 10:03:38 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1P61vS-00030r-Or for emacs-orgmode@gnu.org; Wed, 13 Oct 2010 10:03:32 -0400 Received: from moutng.kundenserver.de ([212.227.126.186]:52222) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1P61vS-00030S-Dh for emacs-orgmode@gnu.org; Wed, 13 Oct 2010 10:03:26 -0400 In-Reply-To: List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org Errors-To: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org To: emacs-orgmode@gnu.org Cc: Greg Troxel , Carsten Dominik Am 13.10.2010 10:59, schrieb Carsten Dominik: > > On Oct 13, 2010, at 2:23 AM, Greg Troxel wrote: > >> >> I am trying to test encryption for MobileOrg via a beta from Richard. >> (We're still playing the 'convince itunes to let you run code on your >> own phone game', so this report is preliminary about what Org itself is >> doing.) >> >> I have in .emacs-local.el: >> >> (setq org-mobile-use-encryption t) >> (setq org-mobile-encryption-password "mypasswd") >> >> and I did org-mobile-push. I found that there was an old agendas.org >> that was not encrypted, and it seems that org-mobile-push omits >> agendas.org if org-mobile-use-encryption is t, but still creates it when >> nil. > > I have not been able to reproduce this. > >> >> checksums.dat is in cleartext. This seems ok, but could be a missed >> opportunity for some integrity protection. > > I have a technical reason to not encrypt it - so unless there is someone > who really needs it encrypted, I want to keep it like this. > >> index.org is in cleartext. The list of file names is of course in the >> webdav area, and that seems not a big deal, but it also contains the >> TODO keyword plan, priority tag list, etc. > > This is a good observation. And who knows what other information we will > eventually put into that file. So I am switching to encrypting this file > as well. Hi, suggest to encrypt these kind of files by default. I.e. when org-mode starts action, user should be prompted for a password, be warned and informed about encryption, get a choice though. Maybe a non-encrypted test-mode may be added, so user may try it, but be warned not to store real data that way. Andreas -- https://code.launchpad.net/~a-roehler/python-mode/python-mode-components https://code.launchpad.net/s-x-emacs-werkstatt/ > >> >> I'm not sure this level of paranoia is warranted, but typical encrypting >> filesystems also encrypt the filenames. It probably suffices to just >> warn the user that the filenames of org files will still be exposed in >> the DAV area. > > I have just put this information into the manual. > > Thanks > > - Carsten > > >> >> >> >> _______________________________________________ >> Emacs-orgmode mailing list >> Please use `Reply All' to send replies to the list. >> Emacs-orgmode@gnu.org >> http://lists.gnu.org/mailman/listinfo/emacs-orgmode > > > _______________________________________________ > Emacs-orgmode mailing list > Please use `Reply All' to send replies to the list. > Emacs-orgmode@gnu.org > http://lists.gnu.org/mailman/listinfo/emacs-orgmode >