>>>>> "Ulf" == Ulf Ochsenfahrt <[EMAIL PROTECTED]> writes:

    Ulf> The passphrase dialog on commit is my biggest problem right
    Ulf> now. If the passphrase is set in the default monotonerc, then
    Ulf> I'd rather just use that. If it's not set, I have to ask the
    Ulf> user. Jon's original code would always ask the user, my
    Ulf> current code never asks. Both approaches are clearly wrong.

Why is

encrypted(private key) + passphrase stored in ~/.monotone/monotonerc

considered any better than

private key with no passphrase

?

It has always puzzled me about monotone the fact I can't create a
private key without a passphrase (at least not last time I tried), but
I can store the passphrase in clear text in a known and obvious
location on my hard-disk.

I really think that not every private key needs to be encrypted, and
there are some applications where this is better (e.g. for server use;
ssh doesn't require a passphrase to access its private key stored in
/etc/ssh).

Sidenote: For the case where the user enters the passphrase in
manually via a prompt, does monotone use non-swappable memory to store
this passphrase?
-- 
Brian May <[EMAIL PROTECTED]>


_______________________________________________
Monotone-devel mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/monotone-devel
