Re: secure plist store

[Daiki Ueno]

Ted Zlatanov <address@hidden> writes:

> DU> Not really - GPG2 passphrase caching is smarter than elisp level caching
> DU> as it uses unique ID embedded in GPG data, so it allows user to share
> DU> passphrases even among multiple Emacs processes.
>
> ...so you're saying we don't benefit from a feature we can't use?  What
> are we supposed to change or improve?

OK, honestly, I would say that it won't work with GPG2 since GPG2 does
always do the password operation in the agent.  Have you tried that?

> The nicest thing about the netrc format, IMHO, is that other programs
> understand it.

What other programs use GPG encrypted netrc?  What other programs writes
passwords automatically into that file?  IMHO, these are very ad-hoc
approaches and causing unnecessary complexities.

> Editing the netrc directly is not a power user feature.  They are very
> easy to read and understand.  I have shown dozens of people with various
> skill levels how to use them and the only question they tend to ask is
> "what about spaces in the password?"

I guess that file is edited when a user is accessing to some machines
frequently with legacy clients (like ~/.rhosts).  I really hope that
Gnus does the password caching in more suckless way, as modern clients
like Thunderbird do, at least by default.

For my case, I have never edited netrc by hand.  After upgrading to Gnus
in Emacs 24, it started asking with confusing multiple-choice question
to save the password, and I answered the question with "y" without
reading the help carefully.  Then, from the next time, it started asking
passwords unwanted timing - really annoying, and it shouldn't be the
default behavior for new users.

Regards,
-- 
Daiki Ueno