From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Simon Josefsson Newsgroups: gmane.emacs.gnus.general,gmane.emacs.devel Subject: Re: Small patch to enable use of gpg-agent with pgg Date: Thu, 23 Mar 2006 14:00:21 +0100 Message-ID: <87wtel2u56.fsf@latte.josefsson.org> References: <2cd46e7f0510031250u66ea1349yb437d539ce4027ef@mail.gmail.com> <20051007214952.GA30235@kenny.sha-bang.local> <20051008103627.GA1218@kenny.sha-bang.local> <2cd46e7f0510081131h14e2bbeaga7f1a33ebd6347c8@mail.gmail.com> <2cd46e7f0510101415t76825ea7u9749fe23da54ce@mail.gmail.com> <2cd46e7f0510121647x3c51fb65pc883ed61f4e864ab@mail.gmail.com> <2cd46e7f0510200708x4640d1c2t50743cf439e52dd4@mail.gmail.com> <87pskfq361.fsf@latte.josefsson.org> <87zmjicv9d.fsf@latte.josefsson.org> <87irq6yrfo.fsf@latte.josefsson.org> <87slp9y15z.fsf@latte.josefsson.org> <87wtelwhvl.fsf@latte.josefsson.org> <87odzx4dpp.fsf@latte.josefsson.org> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: sea.gmane.org 1143118874 10413 80.91.229.2 (23 Mar 2006 13:01:14 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Thu, 23 Mar 2006 13:01:14 +0000 (UTC) Cc: Reiner Steib , Katsumi Yamaoka , "Daiki Ueno \(pgg author\)" , ding@gnus.org, emacs-devel@gnu.org Original-X-From: ding-owner+m10915@lists.math.uh.edu Thu Mar 23 14:01:06 2006 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from malifon.math.uh.edu ([129.7.128.13]) by ciao.gmane.org with esmtp (Exim 4.43) id 1FMPQs-00075s-Nu for ding-account@gmane.org; Thu, 23 Mar 2006 14:00:55 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu ident=lists) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 1FMPQm-000351-00; Thu, 23 Mar 2006 07:00:48 -0600 Original-Received: from nas01.math.uh.edu ([129.7.128.39]) by malifon.math.uh.edu with esmtp (Exim 3.20 #1) id 1FMPQa-00034w-00 for ding@lists.math.uh.edu; Thu, 23 Mar 2006 07:00:36 -0600 Original-Received: from quimby.gnus.org ([80.91.224.244]) by nas01.math.uh.edu with esmtp (Exim 4.52) id 1FMPQX-0000eb-8t for ding@lists.math.uh.edu; Thu, 23 Mar 2006 07:00:36 -0600 Original-Received: from 178.230.13.217.in-addr.dgcsystems.net ([217.13.230.178] helo=yxa.extundo.com) by quimby.gnus.org with esmtp (Exim 3.35 #1 (Debian)) id 1FMPQS-0005Pl-00 for ; Thu, 23 Mar 2006 14:00:28 +0100 Original-Received: from localhost.localdomain (yxa.extundo.com [217.13.230.178]) (authenticated bits=0) by yxa.extundo.com (8.13.4/8.13.4/Debian-3sarge1) with ESMTP id k2ND0LUR003400; Thu, 23 Mar 2006 14:00:22 +0100 Original-To: Sascha Wilde OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:21:060323:reinersteib@imap.cc::7g9QAq5gSOMxOGVf:M/S X-Hashcash: 1:21:060323:yamaoka@jpl.org::yws+GALuQ3DHXvom:kHO X-Hashcash: 1:21:060323:emacs-devel@gnu.org::URTYoqvIgSLmXDt3:0xFu X-Hashcash: 1:21:060323:ueno@unixuser.org::Hmn0T6h6XDhhj/zJ:A6fo X-Hashcash: 1:21:060323:wilde@sha-bang.de::yO/KFbay2sMa8Uh6:DAhU X-Hashcash: 1:21:060323:ding@gnus.org::3yGCrk+1nMuLtKmg:AyCA In-Reply-To: (Sascha Wilde's message of "Thu, 23 Mar 2006 13:00:42 +0100") User-Agent: Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux) X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00, FORGED_RCVD_HELO autolearn=ham version=3.1.0 X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on yxa-iv X-Virus-Scanned: ClamAV version 0.88, clamav-milter version 0.87 on yxa.extundo.com X-Virus-Status: Clean X-Spam-Score: -2.5 (--) Precedence: bulk Original-Sender: ding-owner@lists.math.uh.edu Xref: news.gmane.org gmane.emacs.gnus.general:62388 gmane.emacs.devel:52005 Archived-At: Sascha Wilde writes: > Could you please leave it in the GNU Emacs CVS, where it actually > works as intended? Yep, done. It complicate syncing a bit, though. >> If/when Daiki's idea (as I understand it) is implemented, the end >> result will be: >> >> *) Pgg will invoke gpg and then figure out whether a passphrase is >> needed and only at that point query for it. This will work >> regardless of whether the agent is used, whether a passphrase is >> required or not, or whether a pin code is required. The user >> doesn't have to fiddle with any variable. > > I don't think so. While I'm sure, that Daiki's idea -- once it > works -- will handle certain situations better than mine, there will > still be the need for an variable enabling the user to turn of any use > of the agent. > > Here is an example[0] from my own experience: > > - A user logs in on machine 'A' and starts the gpg-agent. > - He leaves the machine, but stays logged in... > - Now he uses machine 'B' to log in on machine 'A': > the environment is setup to use the already running gpg-agent > (automatically, in an login script) > - He starts Emacs/Gnus and tries to sign, decrypt whatever... > - The agent runs and is working, everything seems fine, but the user > isn't queried for the passphrase ... what happened? > - The User _is_ actually queried, but the pinentry program is started > on the X11 Display or tty of machine 'A'. > > I think this is a design problem of the gpg-agent. And yes, there are > several ways to circumvent this problem, but I think it would be very > convenient, if I could tell pgg to just ignore any agent and ask for > the passphrase. This example seems strange. How would the user's second session get the GPG_AGENT_INFO environment variable that points to the gpg-agent running in the user's first session? Without that, I don't think it will work as you describe. I think the user should start another gpg-agent for his new session. I'm not sure I see any disadvantage (except code complexity) with Daiki's approach. Maybe you can expand on the above, or think of more problems, and we can see whether maybe we should use some other approach. Perhaps move that discussion to the ding list only. Daiki's approach is also arguable more correct if you don't have a passphrase at all. The Gnus query for a passphrase would be quite confusing in that case. > Even gpg itself doesn't use an available agent automatically, but only > when it's asked to (by setting --use-agent) and I think this is a good > decision. I have 'use-agent' in my gpg.conf. If the agent isn't available, gpg will fall back to querying to user interactively. That seem to give the best user experience for gpg, so I think we should support it. Further, if you use a smartcard (like an OpenPGP card), it seems you _must_ use the agent for things to work at all. (I can't get gpg to sign anything using my smartcard if I disable the agent.)