From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Daiki Ueno Newsgroups: gmane.emacs.devel Subject: Re: secure plist store Date: Wed, 29 Jun 2011 20:30:34 +0900 Message-ID: <87wrg4kh7p.fsf-ueno@unixuser.org> References: <87pqmxvfoh.fsf@lifelogs.com> <87sjrttwh8.fsf@lifelogs.com> <87wrh4b9h9.fsf@lifelogs.com> <87aae05l8p.fsf-ueno@unixuser.org> <87k4d4b66p.fsf@lifelogs.com> <87wrh0fh4g.fsf_-_@lifelogs.com> <87y60ncma8.fsf_-_@lifelogs.com> <87vcvrne02.fsf-ueno@unixuser.org> <87r56ep3sm.fsf@lifelogs.com> <874o39n171.fsf-ueno@unixuser.org> <87r56csynd.fsf@lifelogs.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: dough.gmane.org 1309349258 28978 80.91.229.12 (29 Jun 2011 12:07:38 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Wed, 29 Jun 2011 12:07:38 +0000 (UTC) To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Wed Jun 29 14:07:34 2011 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([140.186.70.17]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1QbtYM-0000YC-Mu for ged-emacs-devel@m.gmane.org; Wed, 29 Jun 2011 14:07:34 +0200 Original-Received: from localhost ([::1]:49132 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QbtYL-00070x-Ez for ged-emacs-devel@m.gmane.org; Wed, 29 Jun 2011 08:07:33 -0400 Original-Received: from eggs.gnu.org ([140.186.70.92]:40986) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Qbsyh-00061d-F7 for emacs-devel@gnu.org; Wed, 29 Jun 2011 07:30:44 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Qbsyf-0001te-Pq for emacs-devel@gnu.org; Wed, 29 Jun 2011 07:30:43 -0400 Original-Received: from ivory4.scn-net.ne.jp ([219.117.176.192]:59478) by eggs.gnu.org with smtp (Exim 4.71) (envelope-from ) id 1Qbsyf-0001tT-66 for emacs-devel@gnu.org; Wed, 29 Jun 2011 07:30:41 -0400 Original-Received: from ([192.168.0.187]) (envelope sender: ) by ivory4.scn-net.ne.jp with Active!Hunter esmtp server; Wed, 29 Jun 2011 20:30:36 +0900 Original-Received: Received: from well-done.deisui.org (g187018.scn-net.ne.jp [202.83.187.18]) (authenticated) by blue17.scn-net.ne.jp (unknown) with ESMTP id p5TBUakD012588 for ; Wed, 29 Jun 2011 20:30:36 +0900 In-Reply-To: <87r56csynd.fsf@lifelogs.com> (Ted Zlatanov's message of "Wed, 29 Jun 2011 05:46:46 -0500") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.3 (gnu/linux) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6, seldom 2.4 (older, 4) X-Received-From: 219.117.176.192 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:141168 Archived-At: Ted Zlatanov writes: > DU> Not really - GPG2 passphrase caching is smarter than elisp level caching > DU> as it uses unique ID embedded in GPG data, so it allows user to share > DU> passphrases even among multiple Emacs processes. > > ...so you're saying we don't benefit from a feature we can't use? What > are we supposed to change or improve? OK, honestly, I would say that it won't work with GPG2 since GPG2 does always do the password operation in the agent. Have you tried that? > The nicest thing about the netrc format, IMHO, is that other programs > understand it. What other programs use GPG encrypted netrc? What other programs writes passwords automatically into that file? IMHO, these are very ad-hoc approaches and causing unnecessary complexities. > Editing the netrc directly is not a power user feature. They are very > easy to read and understand. I have shown dozens of people with various > skill levels how to use them and the only question they tend to ask is > "what about spaces in the password?" I guess that file is edited when a user is accessing to some machines frequently with legacy clients (like ~/.rhosts). I really hope that Gnus does the password caching in more suckless way, as modern clients like Thunderbird do, at least by default. For my case, I have never edited netrc by hand. After upgrading to Gnus in Emacs 24, it started asking with confusing multiple-choice question to save the password, and I answered the question with "y" without reading the help carefully. Then, from the next time, it started asking passwords unwanted timing - really annoying, and it shouldn't be the default behavior for new users. Regards, -- Daiki Ueno