13:00:37 #startmeeting image_encryption 13:00:37 Meeting started Mon Nov 16 13:00:37 2020 UTC and is due to finish in 60 minutes. The chair is Luzi. Information about MeetBot at http://wiki.debian.org/MeetBot. 13:00:38 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 13:00:40 The meeting name has been set to 'image_encryption' 13:00:44 #topic Roll Call 13:00:46 \o 13:00:52 hi redrobot 13:00:55 o/ 13:01:01 ahoy! 13:01:03 hi rosmaita 13:01:06 hi fungi 13:01:08 hello 13:01:37 ok lets start 13:01:47 #topic Barbican Consumer API Update 13:01:58 are there updates on Barbican side? 13:02:14 A little bit of progress on the Microversions patch 13:02:22 Consumers will be part of Microversion 1.1 13:02:33 still a couple of weeks out of a patch, I think 13:02:44 okay, thank redrobot 13:03:10 #topic Image Encryption WIP-Patches 13:03:54 well no news from side 13:04:39 nothing from me 13:04:45 ups, wrong topic 13:04:50 sorry 13:04:53 XD 13:05:02 no need to worry tosky :) 13:05:24 #topic Open Discussion 13:05:35 is there anything you want to talk about? 13:06:21 nope, i didn't have anything to bring up 13:06:24 i haven't looked at your brick patch lately, what's the status of that? 13:07:14 status is, that only the dependency needs to be decided - after that it should be good to go 13:08:05 we currently use python-gnupg, but need some time to decide on whether we stay with it or change to gpgme... 13:08:20 ok, that's what i was going to ask 13:08:27 you are still looking into that? 13:09:11 i would like to test it completely, to be aware of any side-effects 13:10:04 but we currently have another project ongoing, so I hardly time to work on it, until end of november 13:10:09 :( 13:10:23 yeah, that's the way things work! 13:10:42 redrobot: do you have any opinion on gpgme vs python-gnupg ? 13:12:05 rosmaita, I don't have enough experience with those to have one. 13:12:50 ok 13:13:55 and neither are included in global requirements yet, so there's no incentive for one over the other there 13:14:23 yeah, Luzi, looks like you are on your own 13:15:23 i know :D 13:15:49 i suppose there's one reason to pick python-gnupg 13:15:59 gpgme is a wrapper around gnupg 13:17:02 python-gnupg is also a wrapper around gnugp 13:17:29 yes, but the python gpgme module is a wrapper around libgpgme which is a wrapper around gnupg 13:17:52 wrapper inception 13:17:56 so using it, both the libgpgme wrapper and gnupg are binary dependencies for the project 13:18:15 python-gnupg would have slightly fewer c lib/bin deps 13:18:24 that would indeed be a point for python-gnugp 13:18:53 not a huge concern, but worth keeping in mind when comparing 13:19:04 you are right 13:19:15 gpgme is basically a higher-level abstraction over gnupg 13:21:37 gpgme might make it easier to not make crucial security-related mistakes when invoking gnupg, but it also adds more opportunities for bugs in the critical security path with sensitive plaintext and key management 13:22:11 just by way of there being more software involved and more abstraction layers 13:23:01 that said, i still don't have a strong opinion for one vs the other, sorry :/ 13:25:51 thank you fungi for your help :) 13:27:10 i think i will stay with python-gnupg, but i have to talk to my colleges first 13:27:24 is there anything else you would like to talk about? 13:27:42 nothing from me 13:28:59 noyhing here either, thanks Luzi! 13:29:13 thank you for joingin this meeting and have a nice week 13:29:22 #endmeeting image_encryption