From 2b472f041e13121c9582e9b4d0ca24db2219a184 Mon Sep 17 00:00:00 2001 From: Distix listener Date: Wed, 22 Jun 2016 00:45:06 +0200 Subject: imported mails --- .../Maildir/new/1466549105.M218669P15702Q1.hrun | 158 +++++++++++++++++++++ 1 file changed, 158 insertions(+) create mode 100644 tickets/cb75a21b4a874f86ba49e06ae8d887fc/Maildir/new/1466549105.M218669P15702Q1.hrun (limited to 'tickets/cb75a21b4a874f86ba49e06ae8d887fc') diff --git a/tickets/cb75a21b4a874f86ba49e06ae8d887fc/Maildir/new/1466549105.M218669P15702Q1.hrun b/tickets/cb75a21b4a874f86ba49e06ae8d887fc/Maildir/new/1466549105.M218669P15702Q1.hrun new file mode 100644 index 0000000..ca1afe9 --- /dev/null +++ b/tickets/cb75a21b4a874f86ba49e06ae8d887fc/Maildir/new/1466549105.M218669P15702Q1.hrun @@ -0,0 +1,158 @@ +Return-Path: +X-Original-To: distix@pieni.net +Delivered-To: distix@pieni.net +Received: from bagpuss.pepperfish.net (bagpuss.pepperfish.net [148.251.8.16]) + (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) + (No client certificate requested) + by pieni.net (Postfix) with ESMTPS id DC1372122D + for ; Wed, 22 Jun 2016 00:43:51 +0200 (CEST) +Received: from platypus.pepperfish.net (unknown [10.112.100.20]) + by bagpuss.pepperfish.net (Postfix) with ESMTP id 6E209CBE; + Tue, 21 Jun 2016 23:43:51 +0100 (BST) +Received: from ip6-localhost ([::1] helo=platypus.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1bFUOd-0002uQ-8h; Tue, 21 Jun 2016 23:43:51 +0100 +Received: from inmail0 ([10.112.100.10] helo=mx0.pepperfish.net) + by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian)) + id 1bFUOb-0002u7-N5 + for ; Tue, 21 Jun 2016 23:43:49 +0100 +Received: from smtp.gentoo.org ([140.211.166.183]) + by mx0.pepperfish.net with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) + (Exim 4.80) (envelope-from ) id 1bFUOY-0006Mu-4A + for obnam-dev@obnam.org; Tue, 21 Jun 2016 23:43:49 +0100 +Received: from grubbs.orbis-terrarum.net (localhost [127.0.0.1]) + (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) + (No client certificate requested) + by smtp.gentoo.org (Postfix) with ESMTPS id D0ED2340813 + for ; Tue, 21 Jun 2016 22:43:29 +0000 (UTC) +Received: (qmail 6771 invoked by uid 10000); 21 Jun 2016 22:43:30 -0000 +Date: Tue, 21 Jun 2016 22:43:29 +0000 +From: "Robin H. Johnson" +To: obnam-support@obnam.org, obnam-dev@obnam.org +Message-ID: +References: <20160619083904.GA18768@orbis-terrarum.net> + +MIME-Version: 1.0 +In-Reply-To: +User-Agent: Mutt/1.5.24 (2015-08-30) +X-Spam-Score: -9.8 +X-Spam-Score-int: -97 +X-Spam-Bar: --------- +X-Scanned-By: pepperfish.net, Tue, 21 Jun 2016 23:43:49 +0100 +X-Spam-Report: Content analysis details: (-9.8 points) + pts rule name description + ---- ---------------------- -------------------------------------------------- + -1.0 PPF_USER_AGENT_MUTT User-Agent: contains Mutt (Mutt isn't a spam + tool) -0.5 PPF_USER_AGENT User-Agent: exists + -5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at http://www.dnswl.org/, high + trust [140.211.166.183 listed in list.dnswl.org] + -0.0 SPF_PASS SPF: sender matches SPF record + -1.4 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain + -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% + [score: 0.0000] +X-ACL-Warn: message may be spam +X-Scan-Signature: 87e18d81b9e4f41a85b0d3590907fca5 +Subject: Re: [1/2] GPG & performance: a deep-dive +X-BeenThere: obnam-dev@obnam.org +X-Mailman-Version: 2.1.5 +Precedence: list +Reply-To: obnam-support@obnam.org, obnam-dev@obnam.org +List-Id: Obnam development discussions +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Content-Type: multipart/mixed; boundary="===============4727345661079074573==" +Mime-version: 1.0 +Sender: obnam-dev-bounces@obnam.org +Errors-To: obnam-dev-bounces@obnam.org + + +--===============4727345661079074573== +Content-Type: multipart/signed; micalg=pgp-sha1; + protocol="application/pgp-signature"; boundary="2WS97oupGEGbYNpW" +Content-Disposition: inline + + +--2WS97oupGEGbYNpW +Content-Type: text/plain; charset=iso-8859-1 +Content-Disposition: inline +Content-Transfer-Encoding: quoted-printable + +On Sun, Jun 19, 2016 at 10:53:37PM +0200, Adrien CLERC wrote: +> Le 19/06/2016 =E0 10:39, Robin H. Johnson a =E9crit : +> > - Plan for moving to PyCrypto or other for symmetric crypto +> I totally understand the goal, and can only support you. However, +> PyCrypto is not compatible with PyPy, as 'Cryptography' is. That's why +> paramiko did the switch recently (http://www.paramiko.org/changelog.html). +> Based on https://github.com/paramiko/paramiko/pull/394 it seems that the +> switch is better on every aspect. Do you have the time to inspect this +> solution? +If you look at email 2/2, the big concern isn't which toolkit we pick, +but that the data can be linked to the correct toolkit when it comes +time to decrypt it later, and that old chunks are also still correctly +handled. + +I have used Crytography.io elsewhere, and it was on par with PyCrypto +performance for what I was doing, but I didn't benchmark heavily. + +At that point, with files including a header that describes how we need +to handle them, encryption.py can become an interface, and we can +implement many variations.=20 + +Example variations: +1. Pure GPG (present state) +2. GPG for asymmetric, PyCrypto/Cryptography.io/PyNaCl for symmetric +3. Pure PyCrypto/Cryptography.io/PyNaCl +4. Upgrade path variations - Read ANY, write Y + +#2 would be a trivial upgrade for existing repos: just upgrade all of +your clients and enable it. Old chunks would continue to be encrypted +with GPG, and still readable, while new chunks are generated much +faster. + +If you don't care about the above, you can have a PyCrypto or +Cryptography.io implementation tomorrow, but recovering your data in +future disasters will be much more painful. + +--=20 +Robin Hugh Johnson +Gentoo Linux: Dev, Infra Lead, Foundation Trustee & Treasurer +E-Mail : robbat2@gentoo.org +GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 +GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136 + +--2WS97oupGEGbYNpW +Content-Type: application/pgp-signature; name="signature.asc" +Content-Description: Digital signature + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1 +Comment: Robbat2 @ Orbis-Terrarum Networks - The text below is a digital signature. If it doesn't make any sense to you, ignore it. + +iKYEARECAGYFAldpwxBfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl +bnBncC5maWZ0aGhvcnNlbWFuLm5ldDc1OTQwNEJFQkQ0MUY3MTIzODIzODZFRjNF +OTIyQzIyMzIzM0MyMkMACgkQPpIsIjIzwizm1ACgnQMll9fpg5G01pRPTDOkF+uu +n9IAoNjSLlDK1Oz5NGGlaIt7DWcAqatu +=jmne +-----END PGP SIGNATURE----- + +--2WS97oupGEGbYNpW-- + + +--===============4727345661079074573== +Content-Type: text/plain; charset="us-ascii" +MIME-Version: 1.0 +Content-Transfer-Encoding: 7bit +Content-Disposition: inline + +_______________________________________________ +obnam-dev mailing list +obnam-dev@obnam.org +http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org + +--===============4727345661079074573==-- + -- cgit v1.2.1