Re: Anyone up for a spot of sponsorship? (and perchance advocacy?)

[Liyang HU]

On Fri, Mar 28, 2003 at 02:16:12PM +, Andreas Metzler wrote:
> Liyang HU <[EMAIL PROTECTED]> wrote:
> > I was wondering if anyone would be willing to sponsor either or both
> > of yydecode[0]
> There is already a package with this name in the archive:
> | Package: yydecode
> | Version: 0.2.7-1
> Is your package related to this one, how does it compare it?

Yes. I wrote it. :D

The current maintainer hasn't updated it in quite a while now; there's
been two releases since 0.2.7, and I'm about to make another one
(0.2.10), so I was hoping to take it over for the next release.

Thanks,
/Liyang
-- 
.--{ Liyang HU }--{ http://nerv.cx/ }--{ [EMAIL PROTECTED] }--{ PGP: 7B632CB8 }--.
| ``Age and Treachery will always triumph over Youth and Skill'' --- |
| - Cambridge University Student Run Computing Facility Login Banner |


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Anyone up for a spot of sponsorship? (and perchance advocacy?)

[Itai Zukerman]

> Yes. I wrote it. :D
>
> The current maintainer hasn't updated it in quite a while now; there's
> been two releases since 0.2.7, and I'm about to make another one
> (0.2.10), so I was hoping to take it over for the next release.

You're welcome to take it over.  I haven't really been giving it the
attention it deserves (*blush*).

If you need a sponsor, I'd be happy to oblidge.

-- 
Itai Zukerman  


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: RFS: faqomatic

[Francesco Paolo Lovergine]

On Tue, Mar 25, 2003 at 09:24:37AM -0500, Jereme Corrado wrote:
> Hello,
> 
> 
>   The current faqomatic maintainer has put the package up for
> adoption and has kindly agreed to let me take it over.  I have
> packaged the newest upstream version and am looking for a sponsor, any
> takers?
> 
> 

Me if you did not find yet anyone else. Please, provide pkg source
details.

-- 
Francesco P. Lovergine


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

RFS: worklog

[Emanuele Rocca]

Hello, 
I'm looking for a sponsor.

I would like to adopt worklog and the current maintainer says it's ok.

The new upstream release that I've packaged is available here:
http://members.xoom.it/debian01

Thanks in advance,
-- 
Emanuele Rocca  


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: pgp 2.6.3i vs pgp5i vs gnupgp

[Matthias Urlichs]

Hi,

On Fri, 21 Mar 2003 08:31:37 +, Roland Mas wrote:
> Kevin Rosenberg (2003-03-20 12:40:17 -0700) :
>> I do the same. Additionally, I use the Debian cryptoapi and cryptoloop
>> kernel modules to encrypt the USB drive. I think the chance of losing
>> such a portable, small device is significant. With encryption, I feel
>> better about the possibility.
> 
> I'm wondering whether this brings any additional security.  Isn't the
> GPG private key stored in an encrypted form already?  Or do the
> cryptoloop and cryptoapi modules offer more than 128-bit encryption?
> 
The point seems to be that you now need to break _two_ encryptions (the
crypto disk and the secret key), so anybody who really wants to crack the
thing must do the work twice.

Unless your keyring is stolen, that doesn't protect you in any way; if
it's mounted, then you already entered the access password and $THIEF gets
the files decrypted for free.

If it does get stolen, the attacker needs to break the secret key's
encryption. That's exactly as difficult as breaking the encryption on any
file encoded with that key; in other words, if they can do that they don't
need the secret key in the first place.

Assuming that the attacker grabbed my keyboard input and has the
passphrase, well, they likely grabbed the passphrase for the encrypted
file system too, so again there's no better protection.

I do have an encrypted loopback file system on my USB drive. I need to put
my $random_sensitive_personal_stuff *somewhere*, after all. ;-) In the
past, the only problem was that I haven't yet found any crypt file system
that's usable from both Linux and W*nd*ws, but the Knoppix CD-ROMs took
care of _that_ "problem".

-- 
Matthias


pgp0.pgp
Description: signature

Re: greetings! - PennMUSH debian package

[Joel Baker]

On Mon, Mar 31, 2003 at 12:01:12AM -0500, Jon Eisenstein wrote:
> A few months back, I attempted to package TinyMUSH 3.0, but ran into some
> trouble with a few clauses that seemed to imply something wasn't quite DFSG
> free. I had submitted a report to the developers, and they expressed
> interest in making it compliant. I haven't really done much with the package
> since. For me, at least, it wasn't quite such an easy thing to package.
> 
> PennMUSH may be different, of course.
> >
> > > 1. Is the license for PennMUSH okay?
> >
> > If it's standard artistic, then yes.
> >
> >

Speaking as one of the developers of the TinyMUSH 2.2.4 Unofficial line
(and spouse to one of the TinyMUSH 2.2 Core folks) - be careful. Be very
careful. I don't currently have a backtrace of Penn's code genetics, but
TinyMUSH makes extensive use of old code, up to and including the last 3.0
release I bothered to dig into.

Said code, if it was licensed at all, was generally licensed with a "no
commercial use" or "no commercial use without permission from the authors"
clause. And since I know for a fact that some of the folks who wrote it
are either not clearly identified or no longer easy to get ahold if (since
I tried), I suggest treating any re-licensed work with skepticism. Just
because David and Lydia want to relicense 3.0 doesn't mean they have
sufficient permissions to accomplish it (legally).

This may apply far less to Penn; as I understand it, the Penn codebase
diverged at a much earlier point, and has a more consistant code history,
with fewer people involved in it.

(For the record; I *know* there's code in 3.0 that I wrote, which was
submitted under a casual 'whatever license the thing is already under'
view; I have not yet been asked about relicensing it; ergo, D&L have not
completed due diligence to try to relicense anything, yet).
-- 
Joel Baker <[EMAIL PROTECTED]>


pgpb3310TOa3l.pgp
Description: PGP signature

Re: Anyone up for a spot of sponsorship? (and perchance advocacy?)

[Liyang HU]

On Fri, Mar 28, 2003 at 02:16:12PM +, Andreas Metzler wrote:
> Liyang HU <[EMAIL PROTECTED]> wrote:
> > I was wondering if anyone would be willing to sponsor either or both
> > of yydecode[0]
> There is already a package with this name in the archive:
> | Package: yydecode
> | Version: 0.2.7-1
> Is your package related to this one, how does it compare it?

Yes. I wrote it. :D

The current maintainer hasn't updated it in quite a while now; there's
been two releases since 0.2.7, and I'm about to make another one
(0.2.10), so I was hoping to take it over for the next release.

Thanks,
/Liyang
-- 
.--{ Liyang HU }--{ http://nerv.cx/ }--{ [EMAIL PROTECTED] }--{ PGP: 7B632CB8 
}--.
| ``Age and Treachery will always triumph over Youth and Skill'' --- |
| - Cambridge University Student Run Computing Facility Login Banner |

Re: Anyone up for a spot of sponsorship? (and perchance advocacy?)

[Itai Zukerman]

> Yes. I wrote it. :D
>
> The current maintainer hasn't updated it in quite a while now; there's
> been two releases since 0.2.7, and I'm about to make another one
> (0.2.10), so I was hoping to take it over for the next release.

You're welcome to take it over.  I haven't really been giving it the
attention it deserves (*blush*).

If you need a sponsor, I'd be happy to oblidge.

-- 
Itai Zukerman  

Re: RFS: faqomatic

[Francesco Paolo Lovergine]

On Tue, Mar 25, 2003 at 09:24:37AM -0500, Jereme Corrado wrote:
> Hello,
> 
> 
>   The current faqomatic maintainer has put the package up for
> adoption and has kindly agreed to let me take it over.  I have
> packaged the newest upstream version and am looking for a sponsor, any
> takers?
> 
> 

Me if you did not find yet anyone else. Please, provide pkg source
details.

-- 
Francesco P. Lovergine

RFS: worklog

[Emanuele Rocca]

Hello, 
I'm looking for a sponsor.

I would like to adopt worklog and the current maintainer says it's ok.

The new upstream release that I've packaged is available here:
http://members.xoom.it/debian01

Thanks in advance,
-- 
Emanuele Rocca  

Re: pgp 2.6.3i vs pgp5i vs gnupgp

[Matthias Urlichs]

Hi,

On Fri, 21 Mar 2003 08:31:37 +, Roland Mas wrote:
> Kevin Rosenberg (2003-03-20 12:40:17 -0700) :
>> I do the same. Additionally, I use the Debian cryptoapi and cryptoloop
>> kernel modules to encrypt the USB drive. I think the chance of losing
>> such a portable, small device is significant. With encryption, I feel
>> better about the possibility.
> 
> I'm wondering whether this brings any additional security.  Isn't the
> GPG private key stored in an encrypted form already?  Or do the
> cryptoloop and cryptoapi modules offer more than 128-bit encryption?
> 
The point seems to be that you now need to break _two_ encryptions (the
crypto disk and the secret key), so anybody who really wants to crack the
thing must do the work twice.

Unless your keyring is stolen, that doesn't protect you in any way; if
it's mounted, then you already entered the access password and $THIEF gets
the files decrypted for free.

If it does get stolen, the attacker needs to break the secret key's
encryption. That's exactly as difficult as breaking the encryption on any
file encoded with that key; in other words, if they can do that they don't
need the secret key in the first place.

Assuming that the attacker grabbed my keyboard input and has the
passphrase, well, they likely grabbed the passphrase for the encrypted
file system too, so again there's no better protection.

I do have an encrypted loopback file system on my USB drive. I need to put
my $random_sensitive_personal_stuff *somewhere*, after all. ;-) In the
past, the only problem was that I haven't yet found any crypt file system
that's usable from both Linux and W*nd*ws, but the Knoppix CD-ROMs took
care of _that_ "problem".

-- 
Matthias


pgp3d6OhBeZPE.pgp
Description: signature