[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#911

From: Lars Ingebrigtsen
Subject: bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg, bug#9113: 24.0.50; auth-sources: .authinfo versus .authinfo.gpg
Date: Mon, 30 Jan 2012 17:33:47 +0100
User-agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.92 (gnu/linux)

Ted Zlatanov <address@hidden> writes:

> The encryption doesn't have to be strong.  It could use a well-known
> secret that the user can override, rather than an actual passphrase, and
> then no questions will be asked.

Sure.  This is what Firefox (etc.) does, and (most) people seem to be
satisfied with that.  On the other hand, this is just obscuring the
passwords, so the difference between this and, say,

machine smtp.gmail.com user foo password base64:c2VjcmV0

isn't huge.  (I mean, it is a real difference, but I'm not quite sure
whether it's a difference with a distinction.  :-)

So perhaps auth-source should just base64-encode password tokens by
default for Emacs 24.1?  That would give the users less of an "EEK"
feeling if they're looking at this file, and somebody is looking over
their shoulders...

(domestic pets only, the antidote for overdose, milk.)
  http://lars.ingebrigtsen.no  *  Sent from my Rome

reply via email to

[Prev in Thread] Current Thread [Next in Thread]