From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id UNezFVxj1V+7cwAA0tVLHw (envelope-from ) for ; Sun, 13 Dec 2020 00:42:04 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id KAJbEVxj1V9hcAAAB5/wlQ (envelope-from ) for ; Sun, 13 Dec 2020 00:42:04 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 73914940396 for ; Sun, 13 Dec 2020 00:42:03 +0000 (UTC) Received: from localhost ([::1]:39140 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1koFSc-0004Zr-CC for larch@yhetil.org; Sat, 12 Dec 2020 19:42:02 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:39578) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1koFQd-0004Yl-3Z for emacs-orgmode@gnu.org; Sat, 12 Dec 2020 19:39:59 -0500 Received: from mail-pf1-x432.google.com ([2607:f8b0:4864:20::432]:45353) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1koFPv-000474-QL for emacs-orgmode@gnu.org; Sat, 12 Dec 2020 19:39:28 -0500 Received: by mail-pf1-x432.google.com with SMTP id q22so9632274pfk.12 for ; Sat, 12 Dec 2020 16:39:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:in-reply-to:references:date:message-id :mime-version; bh=lRuVKSmWf57hJakiRTgHRW0/uq5/xGEd8ia62FuvtSs=; b=g+BNxqGBkR821SxSlS/yg5RjKdgow0vGUFNloDt2Q0i2grgSIQkEco6P94uY3Dj71V /CPUSM0yqgLmwvKwBtBtXabw8VNXdlt/hc66OwDjCRHCZs2OvUB+MI4xEqfPIq9f+iNN FfJ84qvbDAYEZuyQH7m3zm7/WeGlodk7jCRV/3yxp0aJisSmLtw4wueayaviBYQEehag noanhStIcJ3SkkoA2sFkTtj/BmEA2UGKWXesBS2fgywX4ZOdwv2tToCA6xt6o2JzjmqF hCP3pwUYcomt8EAOn2LbsUOy9QE2SCI17vW+HjXBwuQbjheltjhynkk7jzrdeh5mhyq+ t3Qg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:in-reply-to:references:date :message-id:mime-version; bh=lRuVKSmWf57hJakiRTgHRW0/uq5/xGEd8ia62FuvtSs=; b=ned7b+eCH/B5OQDJTTjE3iwLiQkFArwtPFokIaekSEu+gVNKBRhwspJL4qM1Il5vfr Ph9D+Lo9VFNPMC+RmwxQ9UEeGG/xGD6bU10RqIIgJx9X1NVPhMHV9U1koOStnTkHMPBM i6R4wy6nTzLFVFxWPqxni3y3p5sJvhA8BPO7RPkvWn0dzaYyennOQ0EnMeMraHS/+vRo RddhHRPtxsq2WcQJ0rdCVLpUYgnh8HucC+VJJkmhOT6zjQKXilH6lHWsxw7Xcd1HKxNI V7eBQpnHiTLWe+/39wgBcQgM8oE/5ygcF28eboW2eTEJgtvuHJsYm0nf6q3gyBUlRnzK rjcg== X-Gm-Message-State: AOAM531+CvIbqthA/oEA9nUyW3RTAQOnNhyLb0jtEvtl9BqZoSC9pJNK v0jSWO0hfA4OqwCLOr7uNJc= X-Google-Smtp-Source: ABdhPJwxM9lUOGpIPatRTRHiiIB62YJ58MMLwF0+LXHxv9nnV+3mfsTxqF0KCWG1NHl1cpuYFWbYUw== X-Received: by 2002:a62:14c4:0:b029:19d:d3f5:c304 with SMTP id 187-20020a6214c40000b029019dd3f5c304mr17576461pfu.55.1607819949032; Sat, 12 Dec 2020 16:39:09 -0800 (PST) Received: from localhost ([50.7.251.66]) by smtp.gmail.com with ESMTPSA id bf3sm15024660pjb.45.2020.12.12.16.39.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Dec 2020 16:39:08 -0800 (PST) From: Ihor Radchenko To: Jean Louis Subject: Re: Bring up a screen giving option to open a series of orgmode files In-Reply-To: References: <87eejyedba.fsf@localhost> <87y2i4bc4s.fsf@localhost> Date: Sun, 13 Dec 2020 08:42:57 +0800 Message-ID: <87360a7cz2.fsf@localhost> MIME-Version: 1.0 Content-Type: text/plain Received-SPF: pass client-ip=2607:f8b0:4864:20::432; envelope-from=yantar92@gmail.com; helo=mail-pf1-x432.google.com X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Maxim Nikulin , emacs-orgmode@gnu.org Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org Sender: "Emacs-orgmode" X-Migadu-Flow: FLOW_IN X-Migadu-Spam-Score: -2.50 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20161025 header.b=g+BNxqGB; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of emacs-orgmode-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=emacs-orgmode-bounces@gnu.org X-Migadu-Queue-Id: 73914940396 X-Spam-Score: -2.50 X-Migadu-Scanner: scn1.migadu.com X-TUID: kZbSN3S7QriK Jean Louis writes: > For private annotations with hypothes.is one can install it on own > server and protect system for one's own group. That will do only a > group that is serious enough or have serious demands for annotations. > Myself I do not prefer having too much software installed online > especially not databases that are private. What is private I keep off > the Internet. If I wish to communicate over Internet to somebody I > always establish first encrypted line. I have hypothes.is installed inside docker container locally. No serious protection is required in such case (at least, no more than one would use to protect private files from dangerous software like browsers). Public annotations would better be just exported to a public server (automatically or not). > So I am about to develop system to provide annotation to somebody over > Internet, without compromising security of the file or annotation. > > As each hyperdocument has its unique ID, it is easy to expand it into: > > example.com/1/2/3/4 for ID 1234 > > That would be HTML with PDF annotation where user could open PDF > inside of that HTML or click on the PDF to open it. I do hope that > pdfjs does support specific page jumps. And such annotation on HTML > should work with or without Javascript. Those without can simply open > PDF file and manually jump to specific page as annotated and > instructed. I am not sure how it is different from using hypothes.is for the same purpose. Note that hypothes.is uses pdf fingerprinting, so you don't even need to store pdf on server side. If user can open the pdf (obtained from you directly, for example), hypothes.is will automatically show the up-to-date annotations shared via public hypothes.is instance for that particular user. > Then I would inject web server password protection and protect it from > public. But that does not protect the document of those who could > intrude into the server and also does not protect from cracking > attempts as username and password are not alone well secure. Better > would be having the encrypted HTML that is protected by user's private > PGP key, but I have no idea if such technology exists yet. hypothes.is uses OAuth mechanism with fine-grained control over the access to various annotations. Also, one can run it inside encrypted docker container (or even inside virtual machine) reducing the risk if server is compromised.