From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/72147 Path: news.gmane.org!not-for-mail From: Richard Riley Newsgroups: gmane.emacs.gnus.general Subject: Re: Password protection Date: Wed, 29 Sep 2010 06:39:02 +0200 Organization: aich tea tea pea dicky riley dot net Message-ID: <9wsk0t88pl.fsf@news.eternal-september.org> References: <87mxr1nv0d.fsf@rimspace.net> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: dough.gmane.org 1285735215 2148 80.91.229.12 (29 Sep 2010 04:40:15 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Wed, 29 Sep 2010 04:40:15 +0000 (UTC) Cc: ding@gnus.org To: Daniel Pittman Original-X-From: ding-owner+M20520@lists.math.uh.edu Wed Sep 29 06:40:13 2010 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1P0oSj-0003Rh-AC for ding-account@gmane.org; Wed, 29 Sep 2010 06:40:13 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1P0oSG-0007NL-Db; Tue, 28 Sep 2010 23:39:44 -0500 Original-Received: from mx1.math.uh.edu ([129.7.128.32]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1P0oSE-0007N4-5H for ding@lists.math.uh.edu; Tue, 28 Sep 2010 23:39:42 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx1.math.uh.edu with esmtp (Exim 4.72) (envelope-from ) id 1P0oS9-0006zZ-3O for ding@lists.math.uh.edu; Tue, 28 Sep 2010 23:39:41 -0500 Original-Received: from mail-fx0-f44.google.com ([209.85.161.44]) by quimby.gnus.org with esmtp (Exim 3.36 #1 (Debian)) id 1P0oS8-00023c-00 for ; Wed, 29 Sep 2010 06:39:36 +0200 Original-Received: by fxm6 with SMTP id 6so362310fxm.17 for ; Tue, 28 Sep 2010 21:39:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:from:to:cc:subject :organization:references:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=HopmVAIr2N0Y3EM5CVq1L8yCPWrw2MLkFy99jjdC39A=; b=SFSX792goacdgRGTj7SVykuSCn3RjlkBY7YtzFxaCGxMKHZNJlhq7evau8F0t3LvwQ EFXHx58J2E8fGDelIv+yNzupK1iV0WvCyG3JU8SUW71oiw0qCgckE570J9Dtyx9kNlFv kfzfJWaF7KXPdjqGmmCHNdNlrf5NSvFX6hL9M= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=from:to:cc:subject:organization:references:date:in-reply-to :message-id:user-agent:mime-version:content-type; b=DbIpS798ZrF8arYxfGYR+SddJyp7XPEasaNnys6RDUOWrANlefvO2Y946r+ogN+ULw JcShOUBL6Sq45mz+vwQ7yaeA3UN5sWI7JLASby8moMl5JnpGQygU+wOaOaggHlN3WfFi idmbdfvQh7z3Bw4LD4Y3D+jl4OxmR1IVs6DRA= Original-Received: by 10.223.120.84 with SMTP id c20mr965091far.93.1285735145835; Tue, 28 Sep 2010 21:39:05 -0700 (PDT) Original-Received: from localhost ([85.183.18.158]) by mx.google.com with ESMTPS id a16sm905638fai.25.2010.09.28.21.39.03 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 28 Sep 2010 21:39:04 -0700 (PDT) In-Reply-To: <87mxr1nv0d.fsf@rimspace.net> (Daniel Pittman's message of "Wed, 29 Sep 2010 12:28:18 +1000") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.2 (gnu/linux) X-Spam-Score: -2.0 (--) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:72147 Archived-At: Daniel Pittman writes: > Lars Magne Ingebrigtsen writes: > >> I find it sort of puzzling that we have to jump through all these hoops >> to get at credentials. I mean, Firefox users don't have to set up a gpg >> agent or type their passwords a gazillion times, so why should users? > > I just shove mine into ~/.netrc, set appropriate permissions, and let the > whole thing be. I did my risk assessment, encrypted my entire disk, and was > satisfied that by the time someone could steal my password through there the > could equally steal it behind the back of any encryption. > > So, yeah, I agree with you. Nice. But your case is a total fringe case so doesn't justify not using a proper agent for gpg key retrieval. To argue that its unnecessary because your entire disk is already encrypted is probably not a strong case ;)