Re: Problems with new semantic package
On 8/12/02 11:52 AM, "Ville Skyttä" <ville.skytta(a)xemacs.org> wrote:
> The size of the package also made me stay away from upgrading the
Xemacs
> version:) Steve suggested I could have a minimal package and then allow
> users to download the rest of the bits on demand.
Yes, sounds sensible to me too.
> I was thinking what would be the best way to do this, to avoid security
> issues as well. Is there an Xemacs way to cryptographically sign files,
> which is independent on external packages like gpg or pgp? Or should I rely
> instead on Java security?
Hmm, the mailcrypt package? But it needs pgp/gpg... is that a problem?
xslt-process could always require mailcrypt in XEmacs. What files are
you planning to sign?
I was thinking to sign and authenticate the bits which get downloaded on
request, by the XSLT-process package. These are some Java jar files which
are not essential to the core functionality of the package, but are needed
to enable certain functionality.
I'll take a look at mailcrypt.
Regards,
Ovidiu