Re: Opportunistic STARTTLS in smtpmail.el

[Ted Zlatanov]

On Wed, 01 Jun 2011 11:39:59 -0300 Stefan Monnier <address@hidden> wrote: 

SM> One more thing: a user which has a ~/.authinfo.gpg but no unencrypted
SM> ~/.netrc nor ~/.authinfo should not be prompted for a password (since
SM> that would be very annoying, if in the end she doesn't need
SM> authentication).
>> If the SMTP server requires authentication, how do we know
>> ~/.authinfo.gpg does NOT have the password we need?

SM> Exactly: we can only know if a var like smtpmail-use-auth tells us.

...or if the user's ~/.authinfo* is already cached and (for .gpg files)
decrypted in memory and we can look inside quickly.  But OK, you want to
avoid any passphrases or other prompts, I understand.  It makes the user
experience better.

SM> AFAICT, the main drive (in this discussion) to introduce
SM> field-encryption within the unencrypted .netrc file is to avoid
SM> introducing a smtpmail-use-auth customization.

>From my perspective the chief benefit is that any `auth-source-search'
call against an unencrypted file will not require a passphrase until the
password is actually needed, and yet the password will be stored
securely.  This is good for everyone, not just smtpmail.el.  It will
reduce prompts just like you have requested.  So I want this improvement
regardless of what you and Lars do with smtpmail.el.

SM> And my point is that this customization is a necessary thing anyway.
SM> So can we add this smtpmail-use-auth, make smtpmail.el use
SM> opportunistic STARTTLS and move on?

As I said, I will stay out of the way and you and Lars can do what you
like.  I may have to tweak the `auth-source-search' calls afterwards,
but I will not change the defaults you choose without asking.

Ted