On Thu, Jun 01, 2023 at 10:11:57AM +0300, Eli Zaretskii wrote: > > From: Ihor Radchenko > > Cc: Adam Porter , emacs-devel@gnu.org, > > jschmidt4gnu@vodafonemail.de > > Date: Thu, 01 Jun 2023 06:48:51 +0000 > > > > Eli Zaretskii writes: > > > > >> I think Emacs needs a new library to store Lisp data securely. > > > > > > Can't we use the GnuTLS cryptography functions, like > > > gnutls-symmetric-encrypt, for that? > > > > I think that it is not just about encryption. > > The API should also have ways to expire passwords and deal with a need > > to update them individually. > > What would be the effect of expiring a password on stuff stored using > the password that just expired? would it mean I can no longer access > that stuff? Or would it mean I must use a new password for storing > new stuff? Or something else? This might be a slight misunderstanding: if I understand Ihor correctly, only the cached password is expired, so the user would have just to reenter it. This is to mitigate the risk that someone else takes over an abandoned session (a mild form of user presence check, if you will). If I understand you correctly, you seem to envision the expiry of the password itself, which is something different, to happen at the "server" side. Cheers -- t