Using PGP keys to sign documents, helpful for needauth converters?

Richard Kimberly Heck rikiheck at lyx.org
Mon Jul 6 15:40:57 UTC 2020


On 7/6/20 11:20 AM, Scott Kostyshak wrote:
> Suppose I have a document that needs a needauth converter (e.g., knitr).
> Currently, I need to authorize each document, and then the document path
> is stored in the session file (under "auth files"). I like this, and it
> makes me feel more comfortable compiling documents I download from
> untrusted sources (e.g., when trying to help someone). However, I find
> it annoying when I try to compile my own documents that are older. I
> could just be careful to preserve the session file so that it remembers
> all of the ones that I have authorized, but I wonder if it would be
> interesting to allow signing of .lyx files with PGP keys. That way, if I
> open a document that is signed by a key that I have in my keyring, there
> is no need to ask for authorization. What are your thoughts on this?

This sounds like an excellent idea. How to implement it?


> One thing I thought about was the policy "whenever I save a document, it
> should be automatically signed", but after thinking more, that does not
> seem like a good idea. I might download a random document from the
> internet, and then do some edits to remove some stuff that I don't think
> is relevant to the problem (i.e., make it more of an MWE), and then just
> save it out of habit, and then compile. A better approach might be the
> policy "whenever I save a document that I've previously signed, the new
> version is automatically signed".

Of course, there could be various options here. "Save", "Save and sign",
etc.

Riki




More information about the lyx-devel mailing list