Using PGP keys to sign documents, helpful for needauth converters?
Pavel Sanda
sanda at lyx.org
Tue Jul 7 08:28:59 UTC 2020
On Mon, Jul 06, 2020 at 01:44:30PM -0400, Scott Kostyshak wrote:
Nice, signing .lyx files could have broader use than just your reported case.
> A few disorganized ideas:
>
> - We could use a separate file format. Just like how we allow a LyX file
> to be compressed, we could allow it to be of type "signed". The
> "signed" file format could just be a compressed directory that
> contains a .lyx file and a signature file. But that doesn't seem like
> the smoothest option, since it would make things like tracking changes
> in Git less useful.
>
> - I'm not familiar with LyX's file writing process. I guess we could
> save a temporary .lyx file as usual, then sign it, then store that
> signature in the user-saved .lyx. This would cause a little bit of
> noise when tracking changes with Git (any small change would change
> the signature), but that shouldn't be too annoying in my opinion.
Untill we have embedded format (which is likely not going to happen)
I would slightly prefer second solution so that we don't introduce
yet another .lyx format to handle. As you write this would break
change tracking for users enabling the feature, OTOH if you use
some compressed file format you are going to break tracking even more, no?
And are we still having different EOLNs in linux/win/mac upon saving?
Pavel
More information about the lyx-devel
mailing list