Re: secure plist store

[Daiki Ueno]

Lars Magne Ingebrigtsen <address@hidden> writes:

>> I didn't notice that the field encryption code is already checked in.
>> However, it does not work for me at all and looks too complicated - also
>> it apparently does not benefit from GPG2 passphrase caching (see "(auth)
>> GnuPG and EasyPG Assistant Configuration").
>
> Can't it be altered to support passphrase caching?

Not really - GPG2 passphrase caching is smarter than elisp level caching
as it uses unique ID embedded in GPG data, so it allows user to share
passphrases even among multiple Emacs processes.

>> --8<---------------cut here---------------start------------->8---
>> (("baz" :secret-user t :host "baz.example.org")
>>  ("bar" :secret-user t :host "bar.example.org")
>>  ("foo" :host "foo.example.org" :port 80))
>> "-----BEGIN PGP MESSAGE-----
>> Version: GnuPG v2.0.17 (GNU/Linux)
>>
>> jA0EAwMCXQZhP/0Se0DUyTQcC17GCo0CdT+RfFFskWp4aNYW/aOT/qbv24M1vPfx
>> TFi9AR7iVc6qlg+9cA3f3buYBGvp
>> =UEHH
>> -----END PGP MESSAGE-----
>
> The nice thing about the netrc format is that people can edit it
> themselves.  This looks more fragile.

The above format is tentative and could be improved.  Anyway, as the
encrypted fields in netrc is also not easily editable and given that the
people editing netrc are kind of power user, how about making netrc
files as fallback and read-only from Gnus?

Regards,
-- 
Daiki Ueno