From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov <tzz@lifelogs.com>
Newsgroups: gmane.emacs.devel
Subject: Re: Opportunistic STARTTLS in smtpmail.el
Date: Thu, 02 Jun 2011 10:31:58 -0500
Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos
Message-ID: <87k4d4b66p.fsf@lifelogs.com>
References: <m3ipu4u7bv.fsf@quimbies.gnus.org>
	<pknaae4kqp7.fsf@this.is.really.invalid>
	<jwvzkm4xatu.fsf-monnier+emacs@gnu.org>
	<m362os2cv7.fsf@quimbies.gnus.org> <m3d3izlr8z.fsf@quimbies.gnus.org>
	<87y61nnpoq.fsf@lifelogs.com> <m3ei3eg2b9.fsf@quimbies.gnus.org>
	<87fwnuacc5.fsf@lifelogs.com> <m3ei3e7gr4.fsf@quimbies.gnus.org>
	<878vtmo081.fsf@lifelogs.com> <jwvboyipcmk.fsf-monnier+emacs@gnu.org>
	<87tycamhmv.fsf@lifelogs.com> <jwvoc2hohs3.fsf-monnier+emacs@gnu.org>
	<87pqmxvfoh.fsf@lifelogs.com> <jwvei3dmxh4.fsf-monnier+emacs@gnu.org>
	<87sjrttwh8.fsf@lifelogs.com> <jwvzkm0khbw.fsf-monnier+emacs@gnu.org>
	<pknhb88txtm.fsf@this.is.really.invalid>
	<jwvoc2gjudo.fsf-monnier+emacs@gnu.org> <87wrh4b9h9.fsf@lifelogs.com>
	<87aae05l8p.fsf-ueno@unixuser.org>
Reply-To: emacs-devel@gnu.org
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: dough.gmane.org 1307031072 22981 80.91.229.12 (2 Jun 2011 16:11:12 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Thu, 2 Jun 2011 16:11:12 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Thu Jun 02 18:11:08 2011
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([140.186.70.17])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1QSAUF-0006hU-Lu
	for ged-emacs-devel@m.gmane.org; Thu, 02 Jun 2011 18:11:07 +0200
Original-Received: from localhost ([::1]:38288 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1QSAUE-0002oT-84
	for ged-emacs-devel@m.gmane.org; Thu, 02 Jun 2011 12:11:06 -0400
Original-Received: from eggs.gnu.org ([140.186.70.92]:32963)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QS9sl-0001d2-VS
	for emacs-devel@gnu.org; Thu, 02 Jun 2011 11:32:25 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QS9sf-0008L2-OB
	for emacs-devel@gnu.org; Thu, 02 Jun 2011 11:32:23 -0400
Original-Received: from lo.gmane.org ([80.91.229.12]:59426)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QS9sf-0008Kh-8R
	for emacs-devel@gnu.org; Thu, 02 Jun 2011 11:32:17 -0400
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QS9sa-0003XS-CB
	for emacs-devel@gnu.org; Thu, 02 Jun 2011 17:32:12 +0200
Original-Received: from 38.98.147.130 ([38.98.147.130])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Thu, 02 Jun 2011 17:32:12 +0200
Original-Received: from tzz by 38.98.147.130 with local (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Thu, 02 Jun 2011 17:32:12 +0200
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: emacs-devel@gnu.org
Original-Lines: 73
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: 38.98.147.130
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
	d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
	D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
Mail-Copies-To: never
User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux)
Cancel-Lock: sha1:cz1a8uJgIi+I/HY6kvd15ruLrVo=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 80.91.229.12
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: </archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:140071
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/140071>

On Fri, 03 Jun 2011 00:03:18 +0900 Daiki Ueno <ueno@unixuser.org> wrote: 

DU> Ted Zlatanov <tzz@lifelogs.com> writes:
>> The discussion petered out, and your proposal was .

DU> (was what?)

Sorry, I jumped ahead there.  Your proposal was not implemented.

>> I think my current proposal is a continuation of
>> http://thread.gmane.org/gmane.emacs.gnus.general/77009/focus=77208
>> where I propose something similar.  The key difference is Lars' idea
>> of encrypting only pieces of an otherwise unencrypted file.

DU> How those pieces of encrypted data can share the same passphrase?
DU> Otherwise a user will be asked passphrase every time when decrypting
DU> those pieces IIUC - that would be more painful than the current
DU> situation or the unencrypted file solution.

We'd associate a passphrase with the file, not each piece.  It should be
just like using a fully encrypted file, with the same passphrase caching
mechanism if symmetric encryption is used.

DU> Anyway I will be happy if:
>> 
DU> - Gnus does not ask password when connecting to password-less services
>> 
>> It doesn't.

DU> Why it doesn't?  Do you think the current behavior is reasonable enough?
DU> On my modern GNOME desktop environment, NetworkManager etc. do not asks
DU> passwords for password-less services.

EPA/EPG is actually the one asking for passphrases if an `auth-sources'
entry needs to be decrypted.  So I was just correcting the "Gnus" part,
not saying the behaviour is reasonable.  Partly, this thread is about
correcting the current behavior.

>> You could also use the Secrets API or propose a new `auth-sources'
>> backend that fits your needs (your expertise is greatly appreciated).  

DU> Yes, I know, but are you using it daily?

Are you asking about the Secrets API backend?  I'm personally not able
to use it because I need my ~/.authinfo.gpg on several platforms.  But
it works: I've tested it and used it.  It doesn't support creation or
deletion yet.

>> I like the idea of a pure-data backend, for instance, where all the data
>> is in the `auth-sources' entry directly.  I would implement it if people
>> needed it, but it seems everyone prefers data formats they can share
>> with programs outside Emacs.

DU> I don't understand what you are talking about - sounds like a sales talk
DU> by researchers in software engineering academia ;)

In the first sentence, I mean that `auth-sources' could look like this:

'((data ((:host "x" :user "y" :secret "z")))
  "~/.authinfo")

and then (auth-source-search :host "x" :user "y" :max 1)  would return
that first entry directly.  ~/.authinfo would not be examined.

The second sentence means that whenever I've proposed this, I seem to be
the only one that likes the idea.  So I haven't implemented it.  People
seem to like the netrc format because it's understood by other programs,
e.g. libcurl-based software like Git and curl.  But this idea seems to
me a good way to specify connection parameters and it could even support
the "gpg:<hex data>" format we are discussing for netrc field
encryption.

Ted