[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg
From: |
Stefan Monnier |
Subject: |
bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg |
Date: |
Thu, 26 Jan 2012 12:28:47 -0500 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.0.92 (gnu/linux) |
>>> The Emacs maintainers asked me to make the default unencrypted. I don't
>>> think they will change their position.
SM> I can't remember exactly how we got there. But I do agree that saving
SM> a password unencrypted by default is not a good idea.
> I don't recall exactly either. But here's how we can proceed. We have
> several options:
> 1) go back to authinfo.gpg as the first choice
I'm not sure what this means: how does it fix the problem, what other
consequences does it have? E.g. will Emacs end up asking for my
password to read autoinfo.gpg even though the thing it's looking for is
not there?
> 2) use unencrypted authinfo with encrypted password tokens, which
> looks like this:
> machine supertest password
> gpg:jA0EAwMC2tUEaZgM7A5gyWM/owySdCOS/cjoFCuf8LI1d1kYX7z6cjsNkakM04u1geh/iesqyH3XQFI+SEVLb/oEC/EoQ0LIgRRoBiLyu9XZWN1ytY7MQxpPZniFz13oGV4/Dwl8yrP3Hba5LfQpHy2FZRM=
That might be a good option.
> Additionally, we should decide if any of this is happening for 24.1. I
> would really prefer to make the default more secure for 24.1.
IIRC for 23 the default was to keep the password for the current session
and not to store it in any file at all. I think it's a better default
than writing it in clear in some file, so at least for 24.1 reverting to
the Emacs-23 default is very attractive.
Another option (the better long-term option) is to use an external
keychain service to handle these issues. That's what we should focus on
for the "next time".
Stefan
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Ted Zlatanov, 2012/01/25
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Stefan Monnier, 2012/01/25
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Ted Zlatanov, 2012/01/26
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Achim Gratz, 2012/01/26
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Ted Zlatanov, 2012/01/26
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Stefan Monnier, 2012/01/26
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Lars Ingebrigtsen, 2012/01/30
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Stefan Monnier, 2012/01/30
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Lars Ingebrigtsen, 2012/01/30
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Michael Albinus, 2012/01/31
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Stefan Monnier, 2012/01/31
- bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, Daiki Ueno, 2012/01/26