From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ted Zlatanov Newsgroups: gmane.emacs.devel Subject: Re: secure plist store Date: Wed, 29 Jun 2011 07:58:36 -0500 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos Message-ID: <87oc1grdz7.fsf@lifelogs.com> References: <87pqmxvfoh.fsf@lifelogs.com> <87sjrttwh8.fsf@lifelogs.com> <87wrh4b9h9.fsf@lifelogs.com> <87aae05l8p.fsf-ueno@unixuser.org> <87k4d4b66p.fsf@lifelogs.com> <87wrh0fh4g.fsf_-_@lifelogs.com> <87y60ncma8.fsf_-_@lifelogs.com> <87vcvrne02.fsf-ueno@unixuser.org> <87r56ep3sm.fsf@lifelogs.com> <874o39n171.fsf-ueno@unixuser.org> <87mxh0sy9o.fsf@lifelogs.com> <87pqlwkfw1.fsf-ueno@unixuser.org> Reply-To: emacs-devel@gnu.org NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain X-Trace: dough.gmane.org 1309359359 29773 80.91.229.12 (29 Jun 2011 14:55:59 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Wed, 29 Jun 2011 14:55:59 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Wed Jun 29 16:55:51 2011 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([140.186.70.17]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1QbwBC-0003B4-MO for ged-emacs-devel@m.gmane.org; Wed, 29 Jun 2011 16:55:50 +0200 Original-Received: from localhost ([::1]:58243 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QbwBB-00026Q-D0 for ged-emacs-devel@m.gmane.org; Wed, 29 Jun 2011 10:55:49 -0400 Original-Received: from eggs.gnu.org ([140.186.70.92]:37006) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QbuM5-0003rs-68 for emacs-devel@gnu.org; Wed, 29 Jun 2011 08:58:58 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QbuM3-00022M-6F for emacs-devel@gnu.org; Wed, 29 Jun 2011 08:58:56 -0400 Original-Received: from lo.gmane.org ([80.91.229.12]:35912) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QbuM2-00022I-QB for emacs-devel@gnu.org; Wed, 29 Jun 2011 08:58:55 -0400 Original-Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1QbuM0-0006qX-S6 for emacs-devel@gnu.org; Wed, 29 Jun 2011 14:58:52 +0200 Original-Received: from 38.98.147.133 ([38.98.147.133]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 29 Jun 2011 14:58:52 +0200 Original-Received: from tzz by 38.98.147.133 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 29 Jun 2011 14:58:52 +0200 X-Injected-Via-Gmane: http://gmane.org/ Mail-Followup-To: emacs-devel@gnu.org Original-Lines: 53 Original-X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: 38.98.147.133 X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux) Cancel-Lock: sha1:aEhbHnn54X6vM8wn1vpmwAel0N4= X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 80.91.229.12 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:141174 Archived-At: On Wed, 29 Jun 2011 20:59:10 +0900 Daiki Ueno wrote: DU> Ted Zlatanov writes: >> I would appreciate it if you were more specific about "does not work" by >> either filing a bug or explaining. Obviously it works for me and Lars, >> who tested it. Similarly, since you wrote EPA/EPG, your advice on >> reducing complexity when we use it is greatly appreciated but you don't >> give us any here. DU> I have too many minor comments to list here, but at least duplicate code DU> regarding stashfile should be simplified by supplying a custom DU> passphrase-callback and calling epg-{encrypt,decrypt}-string. Can I use the way you have it in plstore.el? That seems a good approach but I want to be sure you agree before I rewrite the relevant auth-source.el code. Feel free to send me your comments as a patch or otherwise. I appreciate your time and attention. DU> Currently it's really hard to understand what the code does. Sorry about that. I will try to simplify it. It was written in a hurry and I don't know the EPA/EPG interfaces well. DU> I don't want to see that the Gnus password-caching feature becomes DU> harder and harder to use daily... >> >> I don't think we've done anything that makes it harder to use. The GPG >> token functionality is off by default right now. DU> Yes, and I hope that it won't be on by default. I think it's a useful feature, but your feedback matters and I will not turn it on by default without discussing it further. >> So it's not line-based. I think that's a minus: people expect to be >> able to copy a line out of the netrc file, and it makes managing such >> files easier. DU> I think typical users don't want to edit the auto-saved passwords file DU> itself, as long as it saves their passwords and serves it to services as DU> needed. I guess we've observed different user patterns and see different needs. I still think a simple line-based format is better than a multi-line format, if the netrc file is going to be portable and extensible. For instance I could (and intend to) submit a patch to libcurl to handle gpg: tokens, but I don't think I could do it for plstore-formatted files. Thanks Ted