[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: secure plist store
|
From: |
Ted Zlatanov |
|
Subject: |
Re: secure plist store |
|
Date: |
Wed, 29 Jun 2011 05:46:46 -0500 |
|
User-agent: |
Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux) |
On Wed, 29 Jun 2011 18:05:36 +0900 Daiki Ueno <address@hidden> wrote:
DU> Lars Magne Ingebrigtsen <address@hidden> writes:
>>> I didn't notice that the field encryption code is already checked in.
>>> However, it does not work for me at all and looks too complicated - also
>>> it apparently does not benefit from GPG2 passphrase caching (see "(auth)
>>> GnuPG and EasyPG Assistant Configuration").
>>
Lars> Can't it be altered to support passphrase caching?
DU> Not really - GPG2 passphrase caching is smarter than elisp level caching
DU> as it uses unique ID embedded in GPG data, so it allows user to share
DU> passphrases even among multiple Emacs processes.
...so you're saying we don't benefit from a feature we can't use? What
are we supposed to change or improve?
>>> --8<---------------cut here---------------start------------->8---
>>> (("baz" :secret-user t :host "baz.example.org")
>>> ("bar" :secret-user t :host "bar.example.org")
>>> ("foo" :host "foo.example.org" :port 80))
Lars> The nice thing about the netrc format is that people can edit it
Lars> themselves. This looks more fragile.
DU> The above format is tentative and could be improved.
The nicest thing about the netrc format, IMHO, is that other programs
understand it. Your proposal is no better than a binary store as far as
other programs are concerned. The GPG tokens we currently have are
backwards compatible, meaning that they can be mixed with unencrypted
lines and tokens, and that's the reason we did them that way.
DU> Anyway, as the encrypted fields in netrc is also not easily editable
DU> and given that the people editing netrc are kind of power user, how
DU> about making netrc files as fallback and read-only from Gnus?
The encrypted fields are not supposed to be editable, though that's not
hard to provide.
Editing the netrc directly is not a power user feature. They are very
easy to read and understand. I have shown dozens of people with various
skill levels how to use them and the only question they tend to ask is
"what about spaces in the password?"
Ted
- Re: Opportunistic STARTTLS in smtpmail.el, (continued)
- Re: Opportunistic STARTTLS in smtpmail.el, Lars Magne Ingebrigtsen, 2011/06/03
- netrc field encryption in auth-source (was: Opportunistic STARTTLS in smtpmail.el), Ted Zlatanov, 2011/06/05
- Re: netrc field encryption in auth-source, Lars Magne Ingebrigtsen, 2011/06/26
- GPGME (was: netrc field encryption in auth-source), Ted Zlatanov, 2011/06/27
- Re: GPGME, Daiki Ueno, 2011/06/27
- Re: GPGME, Ted Zlatanov, 2011/06/28
- Re: GPGME, Daiki Ueno, 2011/06/28
- secure plist store, Daiki Ueno, 2011/06/29
- Re: secure plist store, Lars Magne Ingebrigtsen, 2011/06/29
- Re: secure plist store, Daiki Ueno, 2011/06/29
- Re: secure plist store,
Ted Zlatanov <=
- Re: secure plist store, Daiki Ueno, 2011/06/29
- Re: secure plist store, Ted Zlatanov, 2011/06/29
- Re: secure plist store, Daiki Ueno, 2011/06/29
- Re: secure plist store, Ted Zlatanov, 2011/06/29
- Re: secure plist store, Daiki Ueno, 2011/06/29
- Re: secure plist store, Ted Zlatanov, 2011/06/29
- Re: secure plist store, Ted Zlatanov, 2011/06/29
- Re: secure plist store, Daiki Ueno, 2011/06/29
- Re: secure plist store, Ted Zlatanov, 2011/06/30
- Re: secure plist store, Daiki Ueno, 2011/06/30