emacs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Opportunistic STARTTLS in smtpmail.el

From: Ted Zlatanov
Subject: Re: Opportunistic STARTTLS in smtpmail.el
Date: Thu, 02 Jun 2011 08:09:11 -0500
User-agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux) 
On Thu, 02 Jun 2011 01:09:36 -0300 Stefan Monnier <address@hidden> wrote: 

>> From my perspective the chief benefit is that any `auth-source-search'
>> call against an unencrypted file will not require a passphrase until the
>> password is actually needed, and yet the password will be stored
>> securely.

SM> Sounds OK.  But only if you push if further and deprecate
SM> authinfo.gpg.

On Thu, 02 Jun 2011 10:57:41 +0200 Robert Pluim <address@hidden> wrote: 

RP> I'm not clear on why you'd want that.  I can imagine someone wanting to
RP> hide username & server identities from inspection, not just the
RP> associated passwords. ie I distinguish 3 cases

RP> 1) everything unencrypted
RP> 2) passwords encrypted only
RP> 3) everything encrypted

It will be less necessary as the first `auth-sources' choice, but still
useful, as Robert noted (I see case 2 as "encrypted tokens" since any
token can be encrypted in my proposal).

I'll simply make `auth-sources' ("~/.authinfo" "~/.authinfo.gpg")

which as a default will work fine.  Creation prompts will target the
first one.  The users can put insecure or token-encrypted data in the
first one and use the second one for more secure storage.

Ted
reply via email to
[Prev in Thread] Current Thread [Next in Thread]