Re: [Popcon-developers] Encrypted popcon submissions

Bill Allombert writes ("Re: [Popcon-developers] Encrypted popcon submissions"): > I just released popularity-contest 1.60 with encryption enabled by default. Well done. Thanks, Ian. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "uns

Re: [Popcon-developers] Encrypted popcon submissions

On Sun, Aug 04, 2013 at 03:54:25PM +0200, Bill Allombert wrote: > Well I have fixed this problem in popcon 1.59 by using a temporary GPGHOME > that I remove afterward. > > If no more problem are found, I will release 1.60 in September with > ENCRYPT=maybe > by default (i.e. encrypt if gpg is avai

Re: [Popcon-developers] Encrypted popcon submissions

On Wed, Jul 10, 2013 at 04:14:02PM +0200, Bill Allombert wrote: > On Tue, Jul 02, 2013 at 11:27:12PM +0200, Bill Allombert wrote: > > On Fri, Jun 21, 2013 at 05:08:08PM +0200, Bill Allombert wrote: > > > Dear Debian people, > > > > > > I upload popularity-contest 1.58 which add support for encrypt

Re: [Popcon-developers] Encrypted popcon submissions

On Fri, Jul 12, 2013 at 10:30:49PM +, brian m. carlson wrote: > On Thu, Jul 11, 2013 at 03:33:21PM +0200, Bill Allombert wrote: > > GPG=/usr/bin/gpg > > if [ "$ENCRYPT" = "yes" ] && [ -x "$GPG" ]; then > > POPCONGPG="$POPCON.gpg" > > rm -f "$POPCONGPG" > > $GPG --no-default-keyring --keyr

Re: [Popcon-developers] Encrypted popcon submissions

On Sat, 2013-07-13 at 15:32:15 +, brian m. carlson wrote: > On Sat, Jul 13, 2013 at 02:33:57PM +0200, Guillem Jover wrote: > > Hmm, do you have a reference? I've looked in the gnupg git master and > > stable-2.0 branches and I don't see any obvious mention of this on the > > NEWS file, or commi

Re: [Popcon-developers] Encrypted popcon submissions

On Sat, Jul 13, 2013 at 02:33:57PM +0200, Guillem Jover wrote: > Hmm, do you have a reference? I've looked in the gnupg git master and > stable-2.0 branches and I don't see any obvious mention of this on the > NEWS file, or commit messages after a quick search. I'd fine it very > strange that such

Re: [Popcon-developers] Encrypted popcon submissions

Hi! On Fri, 2013-07-12 at 22:30:49 +, brian m. carlson wrote: > On Thu, Jul 11, 2013 at 03:33:21PM +0200, Bill Allombert wrote: > > GPG=/usr/bin/gpg > > if [ "$ENCRYPT" = "yes" ] && [ -x "$GPG" ]; then > > POPCONGPG="$POPCON.gpg" > > rm -f "$POPCONGPG" > > $GPG --no-default-keyring --key

Re: [Popcon-developers] Encrypted popcon submissions

On Fri, Jul 12, 2013 at 10:30:49PM +, brian m. carlson wrote: > On Thu, Jul 11, 2013 at 03:33:21PM +0200, Bill Allombert wrote: > > GPG=/usr/bin/gpg > > if [ "$ENCRYPT" = "yes" ] && [ -x "$GPG" ]; then > > POPCONGPG="$POPCON.gpg" > > rm -f "$POPCONGPG" > > $GPG --no-default-keyring --keyr

Re: [Popcon-developers] Encrypted popcon submissions

On Thu, Jul 11, 2013 at 03:33:21PM +0200, Bill Allombert wrote: > GPG=/usr/bin/gpg > if [ "$ENCRYPT" = "yes" ] && [ -x "$GPG" ]; then > POPCONGPG="$POPCON.gpg" > rm -f "$POPCONGPG" > $GPG --no-default-keyring --keyring "$KEYRING" --trust-model=always \ I know you're using GnuPG 1.x here, but

Re: [Popcon-developers] Encrypted popcon submissions

On Thu, Jul 11, 2013 at 5:15 PM, Daniel Leidert wrote: > Am Donnerstag, den 11.07.2013, 15:33 +0200 schrieb Bill Allombert: > JFTR: The file secring.gpg can be avoided using > --secret-keyring=/dev/null but I don't know how to suppress the creation > of trustdb.gpg. Note that you can't use that f

Re: [Popcon-developers] Encrypted popcon submissions

Am Donnerstag, den 11.07.2013, 15:33 +0200 schrieb Bill Allombert: [use gpg but don't write to root/.gnupg] > Below is the code in /etc/cron.daily/popularity-contest > > GPG=/usr/bin/gpg > if [ "$ENCRYPT" = "yes" ] && [ -x "$GPG" ]; then > POPCONGPG="$POPCON.gpg" > rm -f "$POPCONGPG" > $GPG

Re: [Popcon-developers] Encrypted popcon submissions

On Wed, Jul 10, 2013 at 11:36:02PM +0200, Daniel Leidert wrote: > Am Mittwoch, den 10.07.2013, 16:14 +0200 schrieb Bill Allombert: > > On Tue, Jul 02, 2013 at 11:27:12PM +0200, Bill Allombert wrote: > > > On Fri, Jun 21, 2013 at 05:08:08PM +0200, Bill Allombert wrote: > > > > Dear Debian people, >

Re: [Popcon-developers] Encrypted popcon submissions

Am Mittwoch, den 10.07.2013, 16:14 +0200 schrieb Bill Allombert: > On Tue, Jul 02, 2013 at 11:27:12PM +0200, Bill Allombert wrote: > > On Fri, Jun 21, 2013 at 05:08:08PM +0200, Bill Allombert wrote: > > > Dear Debian people, > > > > > > I upload popularity-contest 1.58 which add support for encryp

Re: [Popcon-developers] Encrypted popcon submissions

On Tue, Jul 02, 2013 at 11:27:12PM +0200, Bill Allombert wrote: > On Fri, Jun 21, 2013 at 05:08:08PM +0200, Bill Allombert wrote: > > Dear Debian people, > > > > I upload popularity-contest 1.58 which add support for encrypted > > submissions. > > For this release it is not activated by default.

Re: [Popcon-developers] Encrypted popcon submissions

On Fri, Jun 21, 2013 at 05:08:08PM +0200, Bill Allombert wrote: > Dear Debian people, > > I upload popularity-contest 1.58 which add support for encrypted submissions. > For this release it is not activated by default. > Please help test this feature by adding > ENCRYPT="yes" > to /etc/popularity

Re: [Popcon-developers] Encrypted popcon submissions

[Paul Wise] > This could be solved by having a mapping between encryption keys and > URLs. A mechanism that would allow derivatives to just drop some > files/dirs into their base-files package would probably be the > easiest. I suspect the easiest way would be to allow more than one GPG key to be

Re: [Popcon-developers] Encrypted popcon submissions

On Sat, Jun 22, 2013 at 12:00 PM, Petter Reinholdtsen wrote: > I suspect the new encryption feature would break > popcon.skolelinux.org, as we have not investigated the new feature and > use popularity-contest directly from Debian. Our collector would > start getting encrypted submissions and lac

Re: [Popcon-developers] Encrypted popcon submissions

[Paul Wise] > I wonder if the release team would accept a backport of these > features to popcon in stable/oldstable. GPG and time truncation are > security enhancements and reporting the dpkg Vendor field is very > useful and has no risks. Once GPG is tested, would you consider > doing a stable/ol

Re: [Popcon-developers] encrypted popcon submissions

On Thu, 16 May 2013, Bill Allombert wrote: > On Sat, May 11, 2013 at 11:43:25AM +0200, Bill Allombert wrote: > > > Why do you think this is too much for popov to handle? > > > > I did some benchmark. Currently popov CPU has about 20% of a real CPU. > > Currently processing the popcon data takes

Re: [Popcon-developers] encrypted popcon submissions

On Sat, May 11, 2013 at 11:43:25AM +0200, Bill Allombert wrote: > > Why do you think this is too much for popov to handle? > > I did some benchmark. Currently popov CPU has about 20% of a real CPU. > Currently processing the popcon data takes between 6h30 and 8h30. > At this rate decrypting the r

Re: [Popcon-developers] encrypted popcon submissions

On Sat, May 11, 2013 at 11:43:25AM +0200, Bill Allombert wrote: > On Fri, May 10, 2013 at 10:44:25PM +0200, Peter Palfrader wrote: > > On Fri, 10 May 2013, Bill Allombert wrote: > > > > > I am considering activating encryption of popularity-contest submissions > > > using public key cryptography t

Re: [Popcon-developers] encrypted popcon submissions

On Fri, May 10, 2013 at 09:53:25PM +0100, Ian Jackson wrote: > Bill Allombert writes ("encrypted popcon submissions"): > > The drawback is the computing cost on the server. Currently we are > > processing about 25000 report each days, which would require about 2 > > hours of 'real' CPU time to decr

Re: [Popcon-developers] encrypted popcon submissions

On Fri, May 10, 2013 at 10:44:25PM +0200, Peter Palfrader wrote: > On Fri, 10 May 2013, Bill Allombert wrote: > > > I am considering activating encryption of popularity-contest submissions > > using public key cryptography to protect popcon submission while in transit. > > Do you think the benefi