From: Sascha Wilde
Newsgroups: gmane.emacs.devel,gmane.emacs.gnus.general
Subject: Re: Small patch to enable use of gpg-agent with pgg
Date: Thu, 23 Mar 2006 13:00:42 +0100
To: Simon Josefsson
Cc: Katsumi Yamaoka, "Daiki Ueno (pgg author)", emacs-devel@gnu.org, ding@gnus.org, Reiner Steib
In-Reply-To: <87odzx4dpp.fsf@latte.josefsson.org> (Simon Josefsson's message of "Thu, 23 Mar 2006 12:12:18 +0100")

Simon Josefsson wrote:

[pgg-gpg-update-agent won't work on pre 22 emacsen]
>> Given that this function probably won't be used at all if Daiki's idea
>> is implemented, I think we should remove the function for now.
>> Daiki's approach (if I understand it correctly) of not second-guessing
>> what parameters gpg will need is more reliable than this approach,
>> even if this approach would work fine on all emacsen.
>
> I removed the function.
> The end result is this:
>
> 1) People who don't use the agent don't have to do anything, this is
>    as before.
>
> 2) People who use the agent must enable pgg-gpg-use-agent manually.
>    This is better than before, because the agent didn't work at all
>    with pgg then.
>
> 3) People who use the agent must make sure the agent is still running
>    (or disable the variable temporarily, or re-start the agent and
>    fix the environment variable using M-x setenv).

Could you please leave it in the GNU Emacs CVS, where it actually
works as intended?

> If/when Daiki's idea (as I understand it) is implemented, the end
> result will be:
>
> *) Pgg will invoke gpg and then figure out whether a passphrase is
>    needed and only at that point query for it.  This will work
>    regardless of whether the agent is used, whether a passphrase is
>    required or not, or whether a pin code is required.  The user
>    doesn't have to fiddle with any variable.

I don't think so.  While I'm sure that Daiki's idea -- once it works --
will handle certain situations better than mine, there will still be
the need for a variable enabling the user to turn off any use of the
agent.  Here is an example[0] from my own experience:

- A user logs in on machine 'A' and starts the gpg-agent.
- He leaves the machine, but stays logged in...
- Now he uses machine 'B' to log in on machine 'A': the environment is
  set up to use the already running gpg-agent (automatically, in a
  login script)
- He starts Emacs/Gnus and tries to sign, decrypt whatever...
- The agent runs and is working, everything seems fine, but the user
  isn't queried for the passphrase ... what happened?
- The User _is_ actually queried, but the pinentry program is started
  on the X11 Display or tty of machine 'A'.

I think this is a design problem of the gpg-agent.  And yes, there are
several ways to circumvent this problem, but I think it would be very
convenient, if I could tell pgg to just ignore any agent and ask for
the passphrase.
Even gpg itself doesn't use an available agent automatically, but only
when it's asked to (by setting --use-agent) and I think this is a good
decision.

cheers
sascha

[0] actually, the simple example of emacs running on a text console
    which I used before, was totally wrong -- it works just fine as I
    tested a few minutes ago... :-)
-- 
Sascha Wilde
Anyone who posts HTML, or quotes posted HTML, or procures posted or
quoted HTML in order to put it into circulation, will be plonked.
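
Added example, not part of the message above and not pgg or GnuPG code: a login-script check covering both the "agent must still be running" condition and the remote-login scenario, so a session only keeps agent settings it can actually use. It assumes GPG_AGENT_INFO has the "socket:pid:protocol" form used by GnuPG releases of that period and that remote logins arrive through OpenSSH (which sets SSH_CONNECTION and SSH_TTY); the function names are hypothetical.

```shell
#!/bin/sh
# Decide whether an inherited gpg-agent should be reused by this session.
# Assumed (not from the thread): GPG_AGENT_INFO = "socket:pid:protocol",
# remote sessions are marked by OpenSSH's SSH_CONNECTION / SSH_TTY.

# Print one verdict: use | skip-unset | skip-malformed | skip-dead | skip-remote
agent_verdict() {
    info=${GPG_AGENT_INFO:-}
    [ -n "$info" ] || { echo skip-unset; return 0; }

    # Require at least two ':' separators before splitting from the right.
    case $info in
        *:*:*) ;;
        *) echo skip-malformed; return 0 ;;
    esac
    rest=${info%:*}      # drop ":protocol"
    pid=${rest##*:}      # text after the last remaining ':'
    case $pid in
        ''|0|*[!0-9]*) echo skip-malformed; return 0 ;;
    esac

    # The agent must still be running (signal 0 only probes the process).
    kill -0 "$pid" 2>/dev/null || { echo skip-dead; return 0; }

    # Agent is alive but was started in another session: its pinentry would
    # appear on that session's X11 display or tty, not in front of this user.
    if [ -n "${SSH_CONNECTION:-}" ] || [ -n "${SSH_TTY:-}" ]; then
        echo skip-remote; return 0
    fi
    echo use
}

# Keep GPG_AGENT_INFO only when the verdict is "use"; report the verdict.
apply_agent_policy() {
    verdict=$(agent_verdict)
    [ "$verdict" = use ] || unset GPG_AGENT_INFO
    echo "$verdict"
}

apply_agent_policy
```

A process-ID probe cannot tell a recycled PID from the real agent, so "use" means "plausibly usable", and an explicit off switch such as pgg-gpg-use-agent remains the reliable override.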