From mboxrd@z Thu Jan 1 00:00:00 1970 From: wmorgan-sup@masanjin.net (William Morgan) Date: Tue, 03 Jul 2007 19:55:56 -0700 Subject: [sup-talk] GPG Support In-Reply-To: <1182210252-sup-8502@mona> References: <1182210252-sup-8502@mona> Message-ID: <1183517242-sup-3554@south> Excerpts from jeff.covey's message of Mon Jun 18 17:00:52 -0700 2007: > Excerpts from Chris Lee's message of Thu May 17 17:24:11 -0400 2007: > > The sources.yaml file is pgp encrypted now. > > why is that? there doesn't seem to be any sensitive information in > sources.yaml, and encrypting it makes it harder to deal with. For IMAP and mbox+ssh sources, the username and password is stored in sources.yaml. Sup is careful to create it with the right unix mode, so I'm not convinced of the vital necessity of this feature, but I'm not opposed to its very existence either. > i wouldn't bother with storing passwords/phrases and encrypting files, > i would just let gpg prompt people for the words/phrases as needed. > if they don't want to type them each time, they can use something like > gpg-agent. I tend to agree. I'm happy to offload as much functionality to other programs as possible. > i only use one key myself, but it would be nice to be able to specify a key > for each account under ":accounts:". Agreed. I haven't incorporated Chris's patch yet, mostly because I wanted to flesh out Sup's multi-account support, but now that things are better on that end, I do plan to revisit the issue. Chris, if you're still there, please don't feel like I've ignored you. -- William