[Popcon-developers] branch bill-encrypt

Bill Allombert Bill.Allombert at math.u-bordeaux1.fr
Tue Jun 18 23:16:16 UTC 2013


On Mon, May 20, 2013 at 12:21:00AM +0200, Bill Allombert wrote:
> Dear popular contestants,
> 
> I have pushed a branch bill-encrypt with the client side part.
> Do not use it yet.
> 
> The public key is available at
> <http://popcon.debian.org/debian-popcon.gpg>
> for testing. 
> cron.daily should create a encrypted file
> /var/log/popularity-contest.gpg
> 
> I need to change the CGI script to allow encrypted report.
> For some reason it try to read the popcon ID which will not
> be possible.
> I also need to rewrite prepop.pl to deal with encrypted report.
> In particular I need to validate the decrypted data. 

I finally managed to fix all that. So starting today, popcon.d.o accept
reports encrypted with the key above. 
I will release popcon 1.58 with encryption defaulting to "no" so people
will be able to test by enabling it manually. Once testing are successful,
I will set encryption defaulting to "yes".

However I have a concern with the dependency on gpg:
Currently, apt depends on gpg so gpg is available on 99% of debian systems.
However apt is planning to only recommends gpg.
Currently popcon 1.58 revert to unencrypted submissions when gpg is not available,
and popcon only Recommends gpg (because it supports unencrypted submissions).
However this means that a user might remove gpg and unwillingly submit unencrypted
report. So maybe we need an option for 'gpg-only'.

Cheers,
-- 
Bill. <ballombe at debian.org>

Imagine a large red swirl here. 



More information about the Popcon-developers mailing list