Re: Opportunistic STARTTLS in smtpmail.el

[Lars Magne Ingebrigtsen]

Ted Zlatanov <address@hidden> writes:

> If you insist on avoiding this file check, we could have a "Lisp data"
> backend in addition to the file and Secrets backends.  That would be
> pretty trivial to implement and would mirror the existing netrc parse
> results structurally.

I think the idea of putting this stuff in auth-source is good, but I'm
just wondering whether we could have a meaningful separation of secret
credentials (i.e., passwords and user names) and non-secret credentials
(key files to be used, in this instance).

I think putting stuff like key files into ~/.authinfo is fine.  But if
the user has a ~/.authinfo.gpg file (for IMAP use, for instance), and
smtpmail wants to see whether a key file is to be used, there should be
a way for smtpmail to get at this information without typing the .gpg
password.

I don't really see how that would work in any convenient way with our
current interfaces.  smtpmail really wants to say "check whether this
exists, but don't try too hard", sort of.

I think the previous discussion along these lines led us to the idea of
having two files: ~/.authinfo for all the non-secret data, and
~/.authinfo.gpg for the passwords themselves.  I don't think anybody
really were much in favour of that split, since it meant duplicating
data a lot.

But I don't think anybody has really had a better idea, so perhaps we
should just go with that idea, anyway.

-- 
(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/