Re: [PATCH 0/2] Prompting for the GPG password within Emacs
author Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Sun, 7 Jul 2013 23:08:22 +0000 (19:08 +2000)
committer W. Trevor King <wking@tremily.us>
Fri, 7 Nov 2014 17:55:55 +0000 (09:55 -0800)
a1/86df5b7a719f95efcb4845046262e917c0df1b [new file with mode: 0644]

diff --git a/a1/86df5b7a719f95efcb4845046262e917c0df1b b/a1/86df5b7a719f95efcb4845046262e917c0df1b
new file mode 100644 (file)
index 0000000..12e2f08
--- /dev/null
@@ -0,0 +1,118 @@
+Return-Path: <dkg@fifthhorseman.net>\r
+X-Original-To: notmuch@notmuchmail.org\r
+Delivered-To: notmuch@notmuchmail.org\r
+Received: from localhost (localhost [127.0.0.1])\r
+       by olra.theworths.org (Postfix) with ESMTP id ADD5C431FAF\r
+       for <notmuch@notmuchmail.org>; Sun,  7 Jul 2013 16:08:33 -0700 (PDT)\r
+X-Virus-Scanned: Debian amavisd-new at olra.theworths.org\r
+X-Spam-Flag: NO\r
+X-Spam-Score: 0\r
+X-Spam-Level: \r
+X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none]\r
+       autolearn=disabled\r
+Received: from olra.theworths.org ([127.0.0.1])\r
+       by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)\r
+       with ESMTP id v2lOKIr6EhDv for <notmuch@notmuchmail.org>;\r
+       Sun,  7 Jul 2013 16:08:28 -0700 (PDT)\r
+Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108])\r
+       by olra.theworths.org (Postfix) with ESMTP id 396BC431FAE\r
+       for <notmuch@notmuchmail.org>; Sun,  7 Jul 2013 16:08:28 -0700 (PDT)\r
+Received: from [10.156.156.160] (cpe-69-204-251-149.nyc.res.rr.com\r
+       [69.204.251.149])\r
+       by che.mayfirst.org (Postfix) with ESMTPSA id 6419FF97F;\r
+       Sun,  7 Jul 2013 19:08:23 -0400 (EDT)\r
+Message-ID: <51D9F4E6.1030504@fifthhorseman.net>\r
+Date: Sun, 07 Jul 2013 19:08:22 -0400\r
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>\r
+User-Agent: Mozilla/5.0 (X11; Linux x86_64;\r
+       rv:17.0) Gecko/20130630 Icedove/17.0.7\r
+MIME-Version: 1.0\r
+To: Neil Roberts <neil@linux.intel.com>\r
+Subject: Re: [PATCH 0/2] Prompting for the GPG password within Emacs\r
+References: <1373195672-9338-1-git-send-email-neil@linux.intel.com>\r
+In-Reply-To: <1373195672-9338-1-git-send-email-neil@linux.intel.com>\r
+X-Enigmail-Version: 1.5.1\r
+Content-Type: multipart/signed; micalg=pgp-sha512;\r
+       protocol="application/pgp-signature";\r
+       boundary="----enig2SSCGSASEDNCAEHGCMEIM"\r
+Cc: notmuch@notmuchmail.org\r
+X-BeenThere: notmuch@notmuchmail.org\r
+X-Mailman-Version: 2.1.13\r
+Precedence: list\r
+List-Id: "Use and development of the notmuch mail system."\r
+       <notmuch.notmuchmail.org>\r
+List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,\r
+       <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
+List-Archive: <http://notmuchmail.org/pipermail/notmuch>\r
+List-Post: <mailto:notmuch@notmuchmail.org>\r
+List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
+List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,\r
+       <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
+X-List-Received-Date: Sun, 07 Jul 2013 23:08:33 -0000\r
+\r
+This is an OpenPGP/MIME signed message (RFC 4880 and 3156)\r
+------enig2SSCGSASEDNCAEHGCMEIM\r
+Content-Type: text/plain; charset=UTF-8\r
+Content-Transfer-Encoding: quoted-printable\r
+\r
+Hi Niel--\r
+\r
+On 07/07/2013 07:14 AM, Neil Roberts wrote:\r
+\r
+> I've recently started using notmuch to try and read PGP-encrypted\r
+> email. However the trouble is I normally access my email remotely via\r
+> SSH and it's very difficult to get gpg-agent to work in those\r
+> circumstances. I've therefore made some patches to try and get Emacs\r
+> to prompt for the password. They are based on the way mml communicates\r
+> with gpg by having two pipes so that notmuch can notify Emacs that it\r
+> needs a password and it will reply on the other.\r
+\r
+I strongly encourage you to get the gpg-agent model sorted out for your\r
+use case, instead of moving in the direction of this patch series.\r
+\r
+The fewer tools that handle your OpenPGP passphrase the better, and\r
+future versions of GnuPG will not be able to work without the gpg-agent\r
+anyway (all secret key activity will be handled by the agent as of gnupg\r
+version 2.1, if i understand upstream's development plans correctly).\r
+\r
+I personally hope that notmuch (and notmuch-emacs) will resist the urge\r
+to try to handle any sort of sensitive material like secret keys or\r
+passphrases directly, but will leave that work to libraries or\r
+out-of-process agents.\r
+\r
+Can you describe what you've tried in terms of using gpg-agent?  where\r
+are your secret keys stored?  are they on your local machine, or on the\r
+remote machine?\r
+\r
+Regards,\r
+\r
+       --dkg\r
+\r
+\r
+------enig2SSCGSASEDNCAEHGCMEIM\r
+Content-Type: application/pgp-signature; name="signature.asc"\r
+Content-Description: OpenPGP digital signature\r
+Content-Disposition: attachment; filename="signature.asc"\r
+\r
+-----BEGIN PGP SIGNATURE-----\r
+Version: GnuPG v1.4.12 (GNU/Linux)\r
+Comment: Using GnuPG with Icedove - http://www.enigmail.net/\r
+\r
+iQJ8BAEBCgBmBQJR2fTmXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w\r
+ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFQjk2OTEyODdBN0FEREUzNzU3RDkxMUVB\r
+NTI0MDFCMTFCRkRGQTVDAAoJEKUkAbEb/fpcvLoP/2I4h0TeYVC+J9/k/5pxieaG\r
+oAYJ9XZ8D0i6UZi4jQqlK9yq6O4WN0URRXKoFURUdL6+09P2jTUvsyBo21C9Z1PN\r
+dV4xkTy5lMYRbRjOcm0CAl1VRoMcH/8gH1Ae09jr+MpmK5Qn6MHYVrllzSK/p31v\r
+yL9dozLeZtiSdRXpFtq31XKqhhOH7dhZDWB0/T4DKZfHqZ+VYIEIc3Y6esK6Mj5A\r
+haCam/SLQSfPbvZWvhTRJnFuQXLNSwrWJH/pTJd6za8mASzjbtXhtjVCs7xmEPtW\r
+buTfdqCG2/YUr6ZnwTESvRz2MkFgglgm8zstpLObdQcljyzTU2E2bPyIJ7IplyYT\r
+auphsZyeohzX8FC9PK45J0RqJqKWU85XgbZxAbYVDcRY+STrRz+cz+582ktIPTD+\r
+kkSUrLWyKI3Ixo+mbUeOhlDkO40bslP1qm01j/gy3NU6qwfPVx6jHJ+YhlAYcGp6\r
+HcFNEsvyghU1hLUbbeHb+jsuZ/2zJBb1sJaBRYV0hymIuToooT6Jea8eMNbg/jj0\r
+acx1cSxsPCn03KLY4LxKnER1qoWCekhiQZQtSYzU51xhVW1ElEDPWNGsPqJk4wS1\r
+WFCl8iSS4GVo+KTlqfyWTQLGOVHAhOaKl4AgAknSaUdPIpxYwPc8pSdj8WhFNDNj\r
+xXxbWe7vnSwVEhoGWPp5\r
+=SXrO\r
+-----END PGP SIGNATURE-----\r
+\r
+------enig2SSCGSASEDNCAEHGCMEIM--\r
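
Review bot: every added line, from the Return-Path header down to the closing MIME boundary, ends in a carriage return (the trailing \r), so this file is being committed with CRLF line endings; please confirm that is intended and that nothing in the repository normalises line endings on this path. The message is multipart/signed (micalg=pgp-sha512) with a detached signature.asc part, so any rewriting of the text/plain part between the enig2SSCGSASEDNCAEHGCMEIM boundaries risks leaving a stored copy whose signature no longer verifies. Separately, the Received headers at the top of the hunk record the sender's client addresses; if this archive is published, consider whether those transport headers need to be kept in full.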