Re: parcimonie [Was: Check for revocation certificates before running apt-get?]

To: "debian-security\@lists.debian.org" <debian-security@lists.debian.org>
Subject: Re: parcimonie [Was: Check for revocation certificates before running apt-get?]
From: intrigeri <intrigeri@debian.org>
Date: Sun, 15 Dec 2013 10:55:02 +0100
Message-id: <[🔎] 85wqj6phft.fsf@boum.org>
In-reply-to: <[🔎] CAKTje6HiRTyNFkBDX_Hrdi_=WHabS8VXLxJtuGdQY_u=1O+3dA@mail.gmail.com> (Paul Wise's message of "Sun, 15 Dec 2013 14:28:53 +0800")
References: <[🔎] 52AB8E6C.2050107@riseup.net> <[🔎] CAKTje6G2PCMxVOUAMtQPthE3KAns005juoxU4xskdHnZt=XqBw@mail.gmail.com> <[🔎] 52AD1EB7.6060102@riseup.net> <[🔎] CAKTje6He6Qhg5P4ucV9x+qo=u==Hc=0btU4mpY-xLE+z4BynnQ@mail.gmail.com> <[🔎] CAFANWtV2tMV-RSuidK1WTDp9VgHodzenK6Po-Tm2WHTt2aenUg@mail.gmail.com> <[🔎] CAKTje6HiRTyNFkBDX_Hrdi_=WHabS8VXLxJtuGdQY_u=1O+3dA@mail.gmail.com>

Hi,

Paul Wise wrote (15 Dec 2013 06:28:53 GMT) :
> On Sun, Dec 15, 2013 at 2:13 PM, Darius Jahandarie wrote:
>> This thread is probably not the most apropos place to bring this up,
>> but I've found parcimonie to be an terribly over-complex
>> implementation of the (good) design document that they wrote. [...]

> Agreed. I've long thought it should have been written in C and
> included in GnuPG itself, as gpg-keyring-refresh-daemon or something
> like that.

As the author of parcimonie, I can only agree it would be great if
someone took it over and made it more lightweight. My initial priority
was to have something that works, and I'm glad if it paves the way for
something better. FWIW, the next upstream release will use Moo,
instead of Moose, so will be a bit more lightweight both in terms of
dependencies, and of memory footprint (especially once I get to port
GnuPG::Interface to Moo).

Are there specific pieces of the implementation that seem too complex
to you, or any available option that could be dropped in your opinion?

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc

Reply to:

Follow-Ups:
- Re: parcimonie [Was: Check for revocation certificates before running apt-get?]
  - From: Paul Wise <pabs@debian.org>

References:
- Check for revocation certificates before running apt-get?
  - From: adrelanos <adrelanos@riseup.net>
- Re: Check for revocation certificates before running apt-get?
  - From: Paul Wise <pabs@debian.org>
- Re: Check for revocation certificates before running apt-get?
  - From: adrelanos <adrelanos@riseup.net>
- Re: Check for revocation certificates before running apt-get?
  - From: Paul Wise <pabs@debian.org>
- Re: Check for revocation certificates before running apt-get?
  - From: Darius Jahandarie <djahandarie@gmail.com>
- Re: Check for revocation certificates before running apt-get?
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Re: Check for revocation certificates before running apt-get?
Next by Date: Re: Check for revocation certificates before running apt-get?
Previous by thread: Re: Check for revocation certificates before running apt-get?
Next by thread: Re: parcimonie [Was: Check for revocation certificates before running apt-get?]
Index(es):
- Date
- Thread