From: Simon Josefsson
Newsgroups: gmane.emacs.gnus.general
Subject: Re: mml-secure: function doubled, passwd chache, use-my-public key
Date: Sat, 02 Jul 2005 21:01:47 +0200
Cc: ding@gnus.org

Werner Koch writes:

>> What more than setting pgg-cache-passphrase to nil do you want?
>
> No, because Gnus will ask for the passphrase and the passphrase will
> actually end up in the message if you accidentally use it with enabled
> gpg-agent.

That doesn't happen here. With pgg-c-p set to nil, Gnus won't ask me
for a passphrase, the pinentry dialog pops up instead (the first time),
and then the message is signed. No passphrase in the message either.

>> Then why isn't it used automatically? To get it working I had to start
>
> Isn't that a packaging feature?

Right. It was just a rant.

>> the daemon manually and add 'use-agent' to ~/.gnupg/gpg.conf.
>
> Without that many people would inadvertently send the passphrase with the
> message; consider the usual invocation of gpg:
>
>   (echo passphrase; cat message) | gpg --passphrase-fd 0 ... >out.msg
>
> so it is far safer to require a conscious decision from the user.

Ouch. OTOH, it seems wrong in the long run. Perhaps 'use-agent' can be
enabled in the template gpg.conf for future users. But it will take a
while to fix all applications... O well.

>> is hardly user friendly. When I log on my Debian box, ssh-agent is
>> started and I didn't do anything to make it run. Perhaps gpg-agent
>> can be started in a similar way. And there seems to be some font bug
>> in the pinentry dialog window, presumably Unicode related.
>
> The latest release 1.9.17 may indeed be started like ssh-agent and may
> actually replace ssh-agent (except for ssh v1 keys) - you can use a
> simple wrapper script named ssh-agent and everything works. See the
> info page.

Cool!
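
The failure mode discussed in the message above, as an added example that is not part of the original thread: when the passphrase and the message share stdin, a signer that stops reading the passphrase from that descriptor emits it as message text. `model_signer` is a hypothetical stand-in that models only the behaviour described in the thread (it is not gpg), and the passphrase, message and descriptor 3 are constructed for the illustration.

```shell
#!/bin/sh
# model_signer is a hypothetical stand-in, NOT gpg. It models only what the
# thread describes: "legacy" reads one passphrase line from descriptor FD,
# "agent" ignores FD and treats everything on stdin as the message.
model_signer() {                      # usage: model_signer legacy|agent FD
    if [ "$1" = legacy ]; then
        IFS= read -r _pass <&"$2"     # passphrase line is consumed here
    fi
    cat                               # the rest of stdin becomes the output
}

PASS='constructed-passphrase'         # constructed sample values
MSG='Constructed message body.'

# Pattern quoted in the thread: passphrase and message share stdin (fd 0).
combined() {
    { echo "$PASS"; echo "$MSG"; } | model_signer "$1" 0
}

# Separation: message alone on stdin, passphrase on its own descriptor 3.
separated() {
    echo "$MSG" | model_signer "$1" 3 3<<EOF
$PASS
EOF
}

# True when the passphrase appears anywhere in the produced output.
leaks() {
    case $1 in *"$PASS"*) return 0 ;; *) return 1 ;; esac
}

# Print one verdict per (signer mode, calling pattern) combination.
report() {
    for mode in legacy agent; do
        for pattern in combined separated; do
            if leaks "$($pattern "$mode")"; then v=LEAK; else v=ok; fi
            printf '%-7s %-10s %s\n' "$mode" "$pattern" "$v"
        done
    done
}
report
```

Only the combined pattern under the agent model is reported as a leak; with the passphrase on its own descriptor the output is the message alone in both modes.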