emacs-orgmode@gnu.org archives
 help / color / mirror / code / Atom feed
* Feature request: Selective encryption
@ 2007-08-31  3:10 John Wiegley
  2007-08-31 13:34 ` John Rakestraw
                   ` (3 more replies)
  0 siblings, 4 replies; 23+ messages in thread
From: John Wiegley @ 2007-08-31  3:10 UTC (permalink / raw)
  To: emacs-orgmode

I'm not sure if anyone has mentioned this, but one feature I'd like to see is
the ability to hit a keystroke and have the current outline entry encrypted or
decrypted.  allout.el does this now (although I find the implementation
somewhat horrendous).

Would others like to see this?  How would you like it to work?

John

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31  3:10 Feature request: Selective encryption John Wiegley
@ 2007-08-31 13:34 ` John Rakestraw
  2007-08-31 14:04 ` Carsten Dominik
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 23+ messages in thread
From: John Rakestraw @ 2007-08-31 13:34 UTC (permalink / raw)
  To: emacs-orgmode


[-- Attachment #1.1: Type: text/plain, Size: 1360 bytes --]

Hi --

On Thu, 30 Aug 2007 23:10:55 -0400
John Wiegley <johnw@newartisans.com> wrote:

> I'm not sure if anyone has mentioned this, but one feature I'd like
> to see is the ability to hit a keystroke and have the current outline
> entry encrypted or decrypted.  allout.el does this now (although I
> find the implementation somewhat horrendous).
> 
> Would others like to see this?  How would you like it to work?

I'd like to see this. Right now I'm using ccrypt
(http://ccrypt.sourceforge.net/) with the accompanying emacs package
jka-compr-ccrypt. My set-up is definitely workable, but it would be
nice to have something integrated within emacs.

As for how I'd like it to work, I'd like more or less what John W
describes -- encryption and decryption by a keystroke or short series
of keystrokes. I'd like to be prompted twice for a password or pass
phrase the first time I encrypt a file, and then to be asked for a
password or pass phrase when I open an encrypted file. I'd like it
to remember that password (assuming it's encrypted) so that I don't
have to re-enter it when I re-save an encrypted file. Of course, I'm
largely ignorant of how encryption works -- the FAQ on the ccrypt page
addresses some of the concerns knowledgeable people have. So I don't
know how easy/hard it is to do these things.

-- 
John Rakestraw

[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

[-- Attachment #2: Type: text/plain, Size: 149 bytes --]

_______________________________________________
Emacs-orgmode mailing list
Emacs-orgmode@gnu.org
http://lists.gnu.org/mailman/listinfo/emacs-orgmode

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31  3:10 Feature request: Selective encryption John Wiegley
  2007-08-31 13:34 ` John Rakestraw
@ 2007-08-31 14:04 ` Carsten Dominik
  2007-08-31 15:26   ` John Rakestraw
                     ` (3 more replies)
  2007-08-31 15:00 ` Bastien
  2007-08-31 15:23 ` Scott Jaderholm
  3 siblings, 4 replies; 23+ messages in thread
From: Carsten Dominik @ 2007-08-31 14:04 UTC (permalink / raw)
  To: John Wiegley; +Cc: emacs-orgmode


On Aug 31, 2007, at 5:10, John Wiegley wrote:

> I'm not sure if anyone has mentioned this, but one feature I'd like to 
> see is
> the ability to hit a keystroke and have the current outline entry 
> encrypted or
> decrypted.  allout.el does this now (although I find the implementation
> somewhat horrendous).
>
> Would others like to see this?  How would you like it to work?

I do think this would be a useful feature.  Some properties I'd find 
useful:

- Use symmetric encryption

- Be able to recognize if an entry is encrypted

- Leave the headline of the entry alone and only encrypt
   the text below it and the subtree, if present

- Support something like a CRYPT tag, leading to automatic
   encryption when the file is saved, to make sure
   encrypted entries are never saved in clear text.

- Use only a single password per file, so once one entry is decrypted,
   others will open without an additional password prompt.

Something like this.

- Carsten

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31  3:10 Feature request: Selective encryption John Wiegley
  2007-08-31 13:34 ` John Rakestraw
  2007-08-31 14:04 ` Carsten Dominik
@ 2007-08-31 15:00 ` Bastien
  2007-09-02  8:20   ` Xavier Maillard
  2007-08-31 15:23 ` Scott Jaderholm
  3 siblings, 1 reply; 23+ messages in thread
From: Bastien @ 2007-08-31 15:00 UTC (permalink / raw)
  To: emacs-orgmode

John Wiegley <johnw@newartisans.com> writes:

> I'm not sure if anyone has mentioned this, but one feature I'd like to
> see is the ability to hit a keystroke and have the current outline
> entry encrypted or decrypted. allout.el does this now (although I find
> the implementation somewhat horrendous).
>
> Would others like to see this?  How would you like it to work?

This would be great. I guess it would allow several people work together
on a single Org file while each being able to preserve a private space.

-- 
Bastien

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31  3:10 Feature request: Selective encryption John Wiegley
                   ` (2 preceding siblings ...)
  2007-08-31 15:00 ` Bastien
@ 2007-08-31 15:23 ` Scott Jaderholm
  2007-09-02  8:21   ` Xavier Maillard
  3 siblings, 1 reply; 23+ messages in thread
From: Scott Jaderholm @ 2007-08-31 15:23 UTC (permalink / raw)
  To: John Wiegley; +Cc: emacs-orgmode


[-- Attachment #1.1: Type: text/plain, Size: 1024 bytes --]

On 8/30/07, John Wiegley <johnw@newartisans.com> wrote:
>
> I'm not sure if anyone has mentioned this, but one feature I'd like to see
> is
> the ability to hit a keystroke and have the current outline entry
> encrypted or
> decrypted.  allout.el does this now (although I find the implementation
> somewhat horrendous).
>
> Would others like to see this?  How would you like it to work?


I currently encrypt a lot of my org files with gpg symmetric encryption
using http://www.easypg.org/. I open the file as if it were a normal file
and emacs asks me the password. With a mode line at the start of the file
org mode comes up fine.

I think it would be useful to be able to encrypt individual sections of an
org file, but I wonder how easily I would be able to unencrypt those
sections if org-mode weren't available. Right now I can easily unencrypt the
org files just using gpg, but if only a section is encrypted, am I going to
have to do some hacking to get that section unencrypted without org-mode?

Good idea,
Scott

[-- Attachment #1.2: Type: text/html, Size: 1400 bytes --]

[-- Attachment #2: Type: text/plain, Size: 149 bytes --]

_______________________________________________
Emacs-orgmode mailing list
Emacs-orgmode@gnu.org
http://lists.gnu.org/mailman/listinfo/emacs-orgmode

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31 14:04 ` Carsten Dominik
@ 2007-08-31 15:26   ` John Rakestraw
  2007-08-31 19:28   ` John Wiegley
                     ` (2 subsequent siblings)
  3 siblings, 0 replies; 23+ messages in thread
From: John Rakestraw @ 2007-08-31 15:26 UTC (permalink / raw)
  To: emacs-orgmode


[-- Attachment #1.1: Type: text/plain, Size: 663 bytes --]

> > I'm not sure if anyone has mentioned this, but one feature I'd like
> > to see is
> > the ability to hit a keystroke and have the current outline entry 
> > encrypted or
> > decrypted.  allout.el does this now (although I find the
> > implementation somewhat horrendous).
> >
> > Would others like to see this?  How would you like it to work?
> 
> I do think this would be a useful feature.  Some properties I'd find 
> useful:

<snip>

I should read more carefully. This proposal is far more sophisticated
than what I'm doing -- I'd like to see this as a feature with
properties like Carsten proposes within org mode.

-- 
John Rakestraw

[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

[-- Attachment #2: Type: text/plain, Size: 149 bytes --]

_______________________________________________
Emacs-orgmode mailing list
Emacs-orgmode@gnu.org
http://lists.gnu.org/mailman/listinfo/emacs-orgmode

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31 14:04 ` Carsten Dominik
  2007-08-31 15:26   ` John Rakestraw
@ 2007-08-31 19:28   ` John Wiegley
  2007-09-01 10:29     ` Carsten Dominik
  2007-09-02  8:20     ` Xavier Maillard
  2007-08-31 21:11   ` Austin Frank
  2007-09-02  8:20   ` Xavier Maillard
  3 siblings, 2 replies; 23+ messages in thread
From: John Wiegley @ 2007-08-31 19:28 UTC (permalink / raw)
  To: emacs-orgmode

Carsten Dominik <dominik@science.uva.nl> writes:

> I do think this would be a useful feature.  Some properties I'd find useful:
>
> - Use symmetric encryption
>
> - Be able to recognize if an entry is encrypted
>
> - Leave the headline of the entry alone and only encrypt the text below it
> and the subtree, if present
>
> - Support something like a CRYPT tag, leading to automatic encryption when
> the file is saved, to make sure encrypted entries are never saved in clear
> text.
>
> - Use only a single password per file, so once one entry is decrypted,
>   others will open without an additional password prompt.
>
> Something like this.

Yes, this is just what I'm thinking too, though I'd like the option of binding
different CRYPT tags to different keys or passwords.  So, I could have
WORK_CRYPT, HOME_CRYPT, etc., and each would have its own separate protection.
This would allow multiple people to have their own private regions within the
same org-mode file.

allout.el goes a long way toward providing all of the above, I just wasn't
fond of the mechanism (I tried porting it straight to org-mode one day, then
stopped).  For one thing, I want to use my GnuPG public key for encryption,
not a symmetric cipher.  That needs to be configurable.

I should be able to create an external module for this that does not affect
org.el at all, but just adds keybindings to org-mode-map and after-save-hook.

John

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31 14:04 ` Carsten Dominik
  2007-08-31 15:26   ` John Rakestraw
  2007-08-31 19:28   ` John Wiegley
@ 2007-08-31 21:11   ` Austin Frank
  2007-09-01  5:10     ` Anupam Sengupta
  2007-09-03  1:00     ` Xavier Maillard
  2007-09-02  8:20   ` Xavier Maillard
  3 siblings, 2 replies; 23+ messages in thread
From: Austin Frank @ 2007-08-31 21:11 UTC (permalink / raw)
  To: emacs-orgmode

On Fri, Aug 31 2007, Carsten Dominik wrote:

> I do think this would be a useful feature.  Some properties I'd find
> useful:
>
> ...
>

If you're interested in using GPG to accomplish these goals, I highly
recommend the EasyPG (EPG) package created by Daiki Ueno.  At this
point I believe it's mostly used for Gnus, but it's intended to be a
general-purpose GPG interface for Emacs.

http://www.easypg.org
http://sourceforge.jp/projects/epg

HTH,
/au

-- 
Austin Frank
http://aufrank.net
GPG Public Key (D7398C2F): http://aufrank.net/personal.asc

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31 21:11   ` Austin Frank
@ 2007-09-01  5:10     ` Anupam Sengupta
  2007-09-01  6:54       ` Austin Frank
  2007-09-04  4:49       ` Dmitri Minaev
  2007-09-03  1:00     ` Xavier Maillard
  1 sibling, 2 replies; 23+ messages in thread
From: Anupam Sengupta @ 2007-09-01  5:10 UTC (permalink / raw)
  To: emacs-orgmode

>>>>> "Austin" == Austin Frank <austin.frank@gmail.com> writes:

    Austin> If you're interested in using GPG to accomplish these goals, I highly
    Austin> recommend the EasyPG (EPG) package created by Daiki Ueno.  At this
    Austin> point I believe it's mostly used for Gnus, but it's intended to be a
    Austin> general-purpose GPG interface for Emacs.

    Austin> http://www.easypg.orghttp://sourceforge.jp/projects/epg

I use epg to encrypt the org-mode files. EPG expects the files to have a suffix
of .gpg, which conflicts with the .org suffix - however, I circumvent this with
a file local mode setting as the first line in my org files:

# -*- mode: org; epa-file-encrypt-to: ("<my private key email ID here>"); coding: utf-8-unix; -*-

This allows the file's major mode to be Org-mode.

In addition, the archive files are also encrypted, and hence an over-ride is
needed for the file name (otherwise the defaults will conflict):

I have ...

#+ARCHIVE: ~/org/<filename>.org_archive.gpg::

In my active Org files - which works fine for the archival process, and ensures
that the archives are also encrypted.

The other epg settings you need are:

     (require 'epa-setup) ;; In your .emacs file

and of course the correct SSH settings and the key setup externally.

This configuration works great on both OS X and Windows XP (Home and work for
me).

For Windows, I had to override the epa-gpg-program name to point to the cygwin version:

     (setq epg-gpg-program "/cygwin/bin/gpg.exe") ;; For Windows.


HTH,
-- 
Anupam

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-09-01  5:10     ` Anupam Sengupta
@ 2007-09-01  6:54       ` Austin Frank
  2007-09-03  1:00         ` Xavier Maillard
  2007-09-04  4:49       ` Dmitri Minaev
  1 sibling, 1 reply; 23+ messages in thread
From: Austin Frank @ 2007-09-01  6:54 UTC (permalink / raw)
  To: emacs-orgmode

On Sat, Sep 01 2007, Anupam Sengupta wrote:

> I use epg to encrypt the org-mode files. EPG expects the files to have
> a suffix of .gpg, which conflicts with the .org suffix - however, I
> circumvent this with a file local mode setting as the first line in my
> org files:
>
> # -*- mode: org; epa-file-encrypt-to: ("<my private key email ID here>"); coding: utf-8-unix; -*-
>
> This allows the file's major mode to be Org-mode.
>
> In addition, the archive files are also encrypted, and hence an
> over-ride is needed for the file name (otherwise the defaults will
> conflict):
>
> I have ...
>
> #+ARCHIVE: ~/org/<filename>.org_archive.gpg::
>
> In my active Org files - which works fine for the archival process,
> and ensures that the archives are also encrypted.

A few other options:

    - EPG also has the function epa-encrypt-region.  It asks for a
      recipient's key to use for encrypting, and does symmetric
      encryption if none is selected.  This could be used to selectively
      encrypt certain subtrees.  Especially given that...

    - message-mode has functions like mml-secure-encrypt (there are lots
      of others in the mml-secure-* family).  These functions use the
      strategy of inserting tags around the region to be encrypted.  I
      haven't actually read the functions, but from the outside it looks
      like the tags are used to set the region, the region is
      encrypted/signed, and then the tags are removed from the outgoing
      copy of the message.  FWIW, the tags look like (the leading # was
      added by me to keep the tag from actually doing anything in this
      message):

#        <#secure method=pgpmime mode=sign>
         

For interactive encrypting, I think epa-encrypt-region is probably
already good enough to do what folks have asked for.  For permanently
marking a subtree for encryption, maybe we could set a property like
ENCRYPT_CHILDREN, or set pairs of properties like ENCRYPT_BEGIN and
ENCRYPT_END.  The presence of these properties would cause the
appropriate region to be selected and passed to epa-encrypt-region when
org-encrypt-subtrees or org-encrypt-buffer is called (just speculating
about some possible function names).  Maybe on org-encrypt-buffer the
default is to call epa-encrypt-file unless some portion of the file is
marked for encryption, in which case it calls epa-encrypt-region on the
appropriate text.

The values of the ENCRYPT_* properties could be the key to use, or just
t.  If the value is t, either the key will be pulled from a file-level
variable, or the user will be prompted for which key to use (as
epa-encrypt-region normally does).

Thanks,
/au

-- 
Austin Frank
http://aufrank.net
GPG Public Key (D7398C2F): http://aufrank.net/personal.asc

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31 19:28   ` John Wiegley
@ 2007-09-01 10:29     ` Carsten Dominik
  2007-09-02  8:20     ` Xavier Maillard
  1 sibling, 0 replies; 23+ messages in thread
From: Carsten Dominik @ 2007-09-01 10:29 UTC (permalink / raw)
  To: John Wiegley; +Cc: emacs-orgmode


On Aug 31, 2007, at 21:28, John Wiegley wrote:

> Carsten Dominik <dominik@science.uva.nl> writes:
>
>> I do think this would be a useful feature.  Some properties I'd find 
>> useful:
>>
>> - Use symmetric encryption
>>
>> - Be able to recognize if an entry is encrypted
>>
>> - Leave the headline of the entry alone and only encrypt the text 
>> below it
>> and the subtree, if present
>>
>> - Support something like a CRYPT tag, leading to automatic encryption 
>> when
>> the file is saved, to make sure encrypted entries are never saved in 
>> clear
>> text.
>>
>> - Use only a single password per file, so once one entry is decrypted,
>>   others will open without an additional password prompt.
>>
>> Something like this.
>
> Yes, this is just what I'm thinking too, though I'd like the option of 
> binding
> different CRYPT tags to different keys or passwords.  So, I could have
> WORK_CRYPT, HOME_CRYPT, etc., and each would have its own separate 
> protection.
> This would allow multiple people to have their own private regions 
> within the
> same org-mode file.

Excellent idea, I did not think about this possibility.

> I should be able to create an external module for this that does not 
> affect
> org.el at all, but just adds keybindings to org-mode-map and 
> after-save-hook.

Cool.  Please do!

I have tried to read the allout documentation about it and found
it entirely undigestible for the cryptographically uninitiated.
I hope you can explain it better.

- Carsten

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31 14:04 ` Carsten Dominik
                     ` (2 preceding siblings ...)
  2007-08-31 21:11   ` Austin Frank
@ 2007-09-02  8:20   ` Xavier Maillard
  3 siblings, 0 replies; 23+ messages in thread
From: Xavier Maillard @ 2007-09-02  8:20 UTC (permalink / raw)
  To: Carsten Dominik; +Cc: johnw, emacs-orgmode

Hi Carsten,

   - Support something like a CRYPT tag, leading to automatic
      encryption when the file is saved, to make sure
      encrypted entries are never saved in clear text.

http://www.emacswiki.org/cgi-bin/wiki/mc-auto-encrypt.el is what
I am currently using for a whole file. Currently I encrypt a full
file and not "sections" of a file.

   - Use only a single password per file, so once one entry is decrypted,
      others will open without an additional password prompt.

Maybe support multiple passwords since, as per Bastien request,
we could easily have to share the same org file and thus, have
different encrypted sections (one per user). I'd rather want this
than a single password file or at least, as an option.


	Xavier
-- 
http://www.gnu.org
http://www.april.org
http://www.lolica.org

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31 15:00 ` Bastien
@ 2007-09-02  8:20   ` Xavier Maillard
  0 siblings, 0 replies; 23+ messages in thread
From: Xavier Maillard @ 2007-09-02  8:20 UTC (permalink / raw)
  To: Bastien; +Cc: emacs-orgmode


   John Wiegley <johnw@newartisans.com> writes:

   > I'm not sure if anyone has mentioned this, but one feature I'd like to
   > see is the ability to hit a keystroke and have the current outline
   > entry encrypted or decrypted. allout.el does this now (although I find
   > the implementation somewhat horrendous).
   >
   > Would others like to see this?  How would you like it to work?

   This would be great. I guess it would allow several people work together
   on a single Org file while each being able to preserve a private space.

I second that. This is something I would like to see implemented
too. Currently, I am using separate org files to hide « private »
informations.

So +1 for this.

	Xavier
-- 
http://www.gnu.org
http://www.april.org
http://www.lolica.org

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31 19:28   ` John Wiegley
  2007-09-01 10:29     ` Carsten Dominik
@ 2007-09-02  8:20     ` Xavier Maillard
  2007-09-02 20:14       ` John Wiegley
  1 sibling, 1 reply; 23+ messages in thread
From: Xavier Maillard @ 2007-09-02  8:20 UTC (permalink / raw)
  To: John Wiegley; +Cc: emacs-orgmode

Hi John,

[congratulations for your paper on your org usage, this is wonderful]

   Yes, this is just what I'm thinking too, though I'd like the option of binding
   different CRYPT tags to different keys or passwords.  So, I could have
   WORK_CRYPT, HOME_CRYPT, etc., and each would have its own separate protection.
   This would allow multiple people to have their own private regions within the
   same org-mode file.

I agree with that.

   allout.el goes a long way toward providing all of the above, I just wasn't
   fond of the mechanism (I tried porting it straight to org-mode one day, then
   stopped).  For one thing, I want to use my GnuPG public key for encryption,
   not a symmetric cipher.  That needs to be configurable.

I do not see how you would use multiple keys/password per file
with only your GNUpg key. Did I miss something here ?


	Xavier
-- 
http://www.gnu.org
http://www.april.org
http://www.lolica.org

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-08-31 15:23 ` Scott Jaderholm
@ 2007-09-02  8:21   ` Xavier Maillard
  0 siblings, 0 replies; 23+ messages in thread
From: Xavier Maillard @ 2007-09-02  8:21 UTC (permalink / raw)
  To: Scott Jaderholm; +Cc: johnw, emacs-orgmode

Hi,

   I currently encrypt a lot of my org files with gpg symmetric encryption
   using http://www.easypg.org/. I open the file as if it were a normal file
   and emacs asks me the password. With a mode line at the start of the file
   org mode comes up fine.

Does it support encrypting of only a part of a file or does it
need to encrypt the whole file (as several other modes do) ?

	Xavier
-- 
http://www.gnu.org
http://www.april.org
http://www.lolica.org

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-09-02  8:20     ` Xavier Maillard
@ 2007-09-02 20:14       ` John Wiegley
  2007-09-03  1:00         ` Xavier Maillard
  0 siblings, 1 reply; 23+ messages in thread
From: John Wiegley @ 2007-09-02 20:14 UTC (permalink / raw)
  To: emacs-orgmode

Xavier Maillard <xma@gnu.org> writes:

> [congratulations for your paper on your org usage, this is wonderful]

Thanks. :)

>    allout.el goes a long way toward providing all of the above, I just
>    wasn't fond of the mechanism (I tried porting it straight to org-mode one
>    day, then stopped).  For one thing, I want to use my GnuPG public key for
>    encryption, not a symmetric cipher.  That needs to be configurable.
>
> I do not see how you would use multiple keys/password per file
> with only your GNUpg key. Did I miss something here ?

I do have multiple keys -- one for work, one for personal, for example.

John

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Re: Feature request: Selective encryption
  2007-08-31 21:11   ` Austin Frank
  2007-09-01  5:10     ` Anupam Sengupta
@ 2007-09-03  1:00     ` Xavier Maillard
  1 sibling, 0 replies; 23+ messages in thread
From: Xavier Maillard @ 2007-09-03  1:00 UTC (permalink / raw)
  To: Austin Frank; +Cc: emacs-orgmode

   At this point I believe it's mostly used for Gnus, but it's
   intended to be a general-purpose GPG interface for Emacs.

EPG is not targeted at Gnus at all. I am using it outside of Gnus
and it just works. Why do you think it is Gnus-centric ?

	Xavier
-- 
http://www.gnu.org
http://www.april.org
http://www.lolica.org

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Feature request: Selective encryption
  2007-09-02 20:14       ` John Wiegley
@ 2007-09-03  1:00         ` Xavier Maillard
  0 siblings, 0 replies; 23+ messages in thread
From: Xavier Maillard @ 2007-09-03  1:00 UTC (permalink / raw)
  To: John Wiegley; +Cc: emacs-orgmode

Hi John,

   > I do not see how you would use multiple keys/password per file
   > with only your GNUpg key. Did I miss something here ?

   I do have multiple keys -- one for work, one for personal, for example.

I guessed it was the case :)

	Xavier
-- 
http://www.gnu.org
http://www.april.org
http://www.lolica.org

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Re: Feature request: Selective encryption
  2007-09-01  6:54       ` Austin Frank
@ 2007-09-03  1:00         ` Xavier Maillard
  0 siblings, 0 replies; 23+ messages in thread
From: Xavier Maillard @ 2007-09-03  1:00 UTC (permalink / raw)
  To: Austin Frank; +Cc: emacs-orgmode

Hi,

   A few other options:

       - EPG also has the function epa-encrypt-region.  It asks for a
	 recipient's key to use for encrypting, and does symmetric
	 encryption if none is selected.  This could be used to selectively
	 encrypt certain subtrees.  Especially given that...

       - message-mode has functions like mml-secure-encrypt (there are lots
	 of others in the mml-secure-* family).  These functions use the
	 strategy of inserting tags around the region to be encrypted.  I
	 haven't actually read the functions, but from the outside it looks
	 like the tags are used to set the region, the region is
	 encrypted/signed, and then the tags are removed from the outgoing
	 copy of the message.  FWIW, the tags look like (the leading # was
	 added by me to keep the tag from actually doing anything in this
	 message):

   #        <#secure method=pgpmime mode=sign>

As a personnal taste, I'd rather want using message-mode since it
is already part of the official GNU Emacs distribution. For the
rest, up to Carsten to see what to use.

   The values of the ENCRYPT_* properties could be the key to use, or just
   t.  If the value is t, either the key will be pulled from a file-level
   variable, or the user will be prompted for which key to use (as
   epa-encrypt-region normally does).

I love this idea. That's the easiest I could think of too.
Instead of t, I think ENCRYPT_PROMPT would be a best (no need to
be an elisp expert to understand it).

Regards,

	Xavier
-- 
http://www.gnu.org
http://www.april.org
http://www.lolica.org

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Re: Feature request: Selective encryption
  2007-09-01  5:10     ` Anupam Sengupta
  2007-09-01  6:54       ` Austin Frank
@ 2007-09-04  4:49       ` Dmitri Minaev
  2007-09-05  1:00         ` Xavier Maillard
  1 sibling, 1 reply; 23+ messages in thread
From: Dmitri Minaev @ 2007-09-04  4:49 UTC (permalink / raw)
  To: Anupam Sengupta; +Cc: emacs-orgmode

On 9/1/07, Anupam Sengupta <anupamsg@gmail.com> wrote:
> I use epg to encrypt the org-mode files. EPG expects the files to have a suffix
> of .gpg, which conflicts with the .org suffix - however, I circumvent this with
> a file local mode setting as the first line in my org files:

I use crypt++.el, and I save the encrypted files with double
extension: filename.org.gpg. Such files are opened in org-mode after
decryption.

-- 
With best regards,
Dmitri Minaev

Russian history blog: http://minaev.blogspot.com

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Re: Feature request: Selective encryption
  2007-09-04  4:49       ` Dmitri Minaev
@ 2007-09-05  1:00         ` Xavier Maillard
  2007-09-05  4:18           ` Dmitri Minaev
  0 siblings, 1 reply; 23+ messages in thread
From: Xavier Maillard @ 2007-09-05  1:00 UTC (permalink / raw)
  To: Dmitri Minaev; +Cc: anupamsg, emacs-orgmode

   I use crypt++.el, and I save the encrypted files with double
   extension: filename.org.gpg. Such files are opened in org-mode after
   decryption.

Do you have code to automatically decrypt your org file when
selecting them -i.e. find-file and friends ?

	Xavier
-- 
http://www.gnu.org
http://www.april.org
http://www.lolica.org

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Re: Feature request: Selective encryption
  2007-09-05  1:00         ` Xavier Maillard
@ 2007-09-05  4:18           ` Dmitri Minaev
  2007-09-10  1:00             ` Xavier Maillard
  0 siblings, 1 reply; 23+ messages in thread
From: Dmitri Minaev @ 2007-09-05  4:18 UTC (permalink / raw)
  To: Xavier Maillard; +Cc: anupamsg, emacs-orgmode

On 9/5/07, Xavier Maillard <xma@gnu.org> wrote:
>    I use crypt++.el, and I save the encrypted files with double
>    extension: filename.org.gpg. Such files are opened in org-mode after
>    decryption.
>
> Do you have code to automatically decrypt your org file when
> selecting them -i.e. find-file and friends ?

Er, well, nothing special. Just the very basic

(require 'crypt++)
(setq crypt-encryption-type 'gpg)

When I try to find-file or write-file with the extension .gpg, it asks
me for a password, de-/encrypts it and sets the current major mode
depending on the part of the filename immediately preceding .gpg. So,
when I open my pwd.org.gpg list, it's opened in org-mode.

-- 
With best regards,
Dmitri Minaev

Russian history blog: http://minaev.blogspot.com

^ permalink raw reply	[flat|nested] 23+ messages in thread

* Re: Re: Feature request: Selective encryption
  2007-09-05  4:18           ` Dmitri Minaev
@ 2007-09-10  1:00             ` Xavier Maillard
  0 siblings, 0 replies; 23+ messages in thread
From: Xavier Maillard @ 2007-09-10  1:00 UTC (permalink / raw)
  To: Dmitri Minaev; +Cc: anupamsg, emacs-orgmode


   On 9/5/07, Xavier Maillard <xma@gnu.org> wrote:
   >    I use crypt++.el, and I save the encrypted files with double
   >    extension: filename.org.gpg. Such files are opened in org-mode after
   >    decryption.
   >
   > Do you have code to automatically decrypt your org file when
   > selecting them -i.e. find-file and friends ?

   Er, well, nothing special. Just the very basic

   (require 'crypt++)
   (setq crypt-encryption-type 'gpg)

Hum ok pretty easy ;)

	Xavier
-- 
http://www.gnu.org
http://www.april.org
http://www.lolica.org

^ permalink raw reply	[flat|nested] 23+ messages in thread

end of thread, other threads:[~2007-09-10  1:32 UTC | newest]

Thread overview: 23+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-08-31  3:10 Feature request: Selective encryption John Wiegley
2007-08-31 13:34 ` John Rakestraw
2007-08-31 14:04 ` Carsten Dominik
2007-08-31 15:26   ` John Rakestraw
2007-08-31 19:28   ` John Wiegley
2007-09-01 10:29     ` Carsten Dominik
2007-09-02  8:20     ` Xavier Maillard
2007-09-02 20:14       ` John Wiegley
2007-09-03  1:00         ` Xavier Maillard
2007-08-31 21:11   ` Austin Frank
2007-09-01  5:10     ` Anupam Sengupta
2007-09-01  6:54       ` Austin Frank
2007-09-03  1:00         ` Xavier Maillard
2007-09-04  4:49       ` Dmitri Minaev
2007-09-05  1:00         ` Xavier Maillard
2007-09-05  4:18           ` Dmitri Minaev
2007-09-10  1:00             ` Xavier Maillard
2007-09-03  1:00     ` Xavier Maillard
2007-09-02  8:20   ` Xavier Maillard
2007-08-31 15:00 ` Bastien
2007-09-02  8:20   ` Xavier Maillard
2007-08-31 15:23 ` Scott Jaderholm
2007-09-02  8:21   ` Xavier Maillard

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).