From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Teodor Zlatanov <tzz@lifelogs.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Mon, 07 Oct 2013 17:58:01 +0000
Resent-Message-ID: <handler.15552.B.138116862925753@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: 
To: 15552@debbugs.gnu.org
X-Debbugs-Original-To: bug-gnu-emacs@gnu.org
Received: via spool by submit@debbugs.gnu.org id=B.138116862925753
          (code B ref -1); Mon, 07 Oct 2013 17:58:01 +0000
Received: (at submit) by debbugs.gnu.org; 7 Oct 2013 17:57:09 +0000
Received: from localhost ([127.0.0.1]:60749 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTF3N-0006hJ-95
	for submit@debbugs.gnu.org; Mon, 07 Oct 2013 13:57:09 -0400
Received: from eggs.gnu.org ([208.118.235.92]:54536)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <tzz@lifelogs.com>) id 1VTF3L-0006hB-MT
 for submit@debbugs.gnu.org; Mon, 07 Oct 2013 13:57:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <tzz@lifelogs.com>) id 1VTF3G-0002hN-Eo
 for submit@debbugs.gnu.org; Mon, 07 Oct 2013 13:57:07 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_DKIM_INVALID
 autolearn=disabled version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:41999)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <tzz@lifelogs.com>) id 1VTF3G-0002hG-BQ
 for submit@debbugs.gnu.org; Mon, 07 Oct 2013 13:57:02 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:56222)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <tzz@lifelogs.com>) id 1VTF3B-0008J7-Hy
 for bug-gnu-emacs@gnu.org; Mon, 07 Oct 2013 13:57:02 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <tzz@lifelogs.com>) id 1VTF36-0002d5-RI
 for bug-gnu-emacs@gnu.org; Mon, 07 Oct 2013 13:56:57 -0400
Received: from mail-qe0-x22b.google.com ([2607:f8b0:400d:c02::22b]:58212)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <tzz@lifelogs.com>) id 1VTF36-0002cl-MQ
 for bug-gnu-emacs@gnu.org; Mon, 07 Oct 2013 13:56:52 -0400
Received: by mail-qe0-f43.google.com with SMTP id nc12so683498qeb.16
 for <bug-gnu-emacs@gnu.org>; Mon, 07 Oct 2013 10:56:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google;
 h=from:to:subject:date:message-id:mime-version:content-type;
 bh=Xc/3SwQvWWlaUc7POB67otZ/A5IE2PxUWUlo70ysiTI=;
 b=vtQ9zTcYsNSzBEjoWT2nuPNNdArO2DWcwMYsqheFS04Ev4enYZ9AxdCerbd6ZqK6RT
 vSP+QWVr4vmcxfh2l+3p3F9abBpk7nS0xpI44e/DK0VZrPc1HL052MXfLobgv0J15h2l
 04SKvxKRYdtoD+G1+W3kUblTQFWdzPS9cKzmE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:from:to:subject:date:message-id:mime-version
 :content-type;
 bh=Xc/3SwQvWWlaUc7POB67otZ/A5IE2PxUWUlo70ysiTI=;
 b=SzZk6zUKCWb4o7GjeXPPKwjGT4qEIrAV9u9vS+3Cw0+dpzxiv61xeRbA0VpCtzbUrS
 cjC4e3q5Llxt/AEptuMz+C3f50hzXhq8XIt6hg8QZxj2lCr0pT07txECjR4yHokdHNPo
 5AlwFudS7E9A2wFSwrdHMi7T9t42bvC4tE1FGiTMwhNjj/9j4I+3ItA36SBAPRXGQN/4
 725iigxaTYZLYrzMj0mKsKaD6+2RZhGvFiVRE1wMccsaTPqJzUbTwiVjuNen6+8QCpBO
 YYSC2efPaFBT/UCCym3h+qSbN8yrwG88/1/jEz7D6U36j3OAzq0Xs1skO4nUMo/eDYPx
 d7QA==
X-Gm-Message-State: ALoCoQkltqrhQxnnD4y4I0shHHylFco6vUDDEShvFurDbEkB4QDFiRQDAqmsffOydeCgqVyu6q5q
X-Received: by 10.49.0.234 with SMTP id 10mr37922883qeh.67.1381168611299;
 Mon, 07 Oct 2013 10:56:51 -0700 (PDT)
Received: from flea.lifelogs.com (c-98-229-61-72.hsd1.ma.comcast.net.
 [98.229.61.72])
 by mx.google.com with ESMTPSA id x8sm64585466qam.2.1969.12.31.16.00.00
 (version=TLSv1.2 cipher=RC4-SHA bits=128/128);
 Mon, 07 Oct 2013 10:56:49 -0700 (PDT)
From: Teodor Zlatanov <tzz@lifelogs.com>
Date: Mon, 07 Oct 2013 13:56:59 -0400
Message-ID: <87r4bx0xsk.fsf@flea.lifelogs.com>
MIME-Version: 1.0
Content-Type: text/plain
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -5.0 (-----)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)


1. On the local system, install GnuPG 2.x and don't run the gpg-agent
2. Set epa-file-cache-passphrase-for-symmetric-encryption to t
3. Open file.gpg: password dialog pops up
4. close file.gpg
5. Open file.gpg: password dialog pops up again

Step (5) should not prompt.  It works properly with GnuPG 1.x.



In GNU Emacs 24.3.50.2 (x86_64-unknown-linux-gnu, GTK+ Version 3.4.4)
 of 2013-09-20 on flea.lifelogs.com
Bzr revision: 114415 rgm@gnu.org-20130921005207-1eq49miu7feptu8i
Windowing system distributor `The X.Org Foundation', version 11.0.11304000
System Description:	Gentoo Base System release 2.2




From debbugs-submit-bounces@debbugs.gnu.org Mon Oct 07 19:41:50 2013
Received: (at control) by debbugs.gnu.org; 7 Oct 2013 23:41:50 +0000
Received: from localhost ([127.0.0.1]:33167 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTKQv-0006dT-Js
	for submit@debbugs.gnu.org; Mon, 07 Oct 2013 19:41:49 -0400
Received: from fencepost.gnu.org ([208.118.235.10]:46731)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <ueno@gnu.org>)
 id 1VTKQt-0006dJ-O1; Mon, 07 Oct 2013 19:41:48 -0400
Received: from du-a.org ([2001:e41:db5e:fb14::1]:38387 helo=debian)
 by fencepost.gnu.org with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <ueno@gnu.org>)
 id 1VTKQs-0000qR-UP; Mon, 07 Oct 2013 19:41:47 -0400
Message-ID: <87fvscwswx.fsf-ueno-ueno@gnu.org>
From: Daiki Ueno <ueno@gnu.org>
To: Teodor Zlatanov <tzz@lifelogs.com>
Subject: Re: bug#15552: 24.3.50;
 epa-file-cache-passphrase-for-symmetric-encryption not respected with
 GnuPG 2.x
In-Reply-To: <87r4bx0xsk.fsf@flea.lifelogs.com> (Teodor Zlatanov's message of
 "Mon, 07 Oct 2013 13:56:59 -0400")
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux)
Date: Tue, 08 Oct 2013 08:41:40 +0900
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Spam-Score: -5.2 (-----)
X-Debbugs-Envelope-To: control
Cc: 15552-done@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.2 (-----)

tags 15552 notabug
thanks

Teodor Zlatanov <tzz@lifelogs.com> writes:

> 1. On the local system, install GnuPG 2.x and don't run the gpg-agent
> 2. Set epa-file-cache-passphrase-for-symmetric-encryption to t
> 3. Open file.gpg: password dialog pops up
> 4. close file.gpg
> 5. Open file.gpg: password dialog pops up again
>
> Step (5) should not prompt.  It works properly with GnuPG 1.x.

That's intended behavior.  It is documented and I stated a number of
times the reason and why I chose such a lengthy name of the variable and
the default is nil:

1. Emacs heap is not so secure
2. Using Emacs for password input degrades the security

You never hear or remember.




From unknown Sun Jun 22 17:15:27 2025
MIME-Version: 1.0
X-Mailer: MIME-tools 5.503 (Entity 5.503)
X-Loop: help-debbugs@gnu.org
From: help-debbugs@gnu.org (GNU bug Tracking System)
To: Teodor Zlatanov <tzz@lifelogs.com>
Subject: bug#15552: closed (Re: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption
 not respected with GnuPG 2.x)
Message-ID: <handler.15552.D15552.138118931025524.notifdone@debbugs.gnu.org>
References: <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <87r4bx0xsk.fsf@flea.lifelogs.com>
X-Gnu-PR-Message: they-closed 15552
X-Gnu-PR-Package: emacs
X-Gnu-PR-Keywords: notabug
Reply-To: 15552@debbugs.gnu.org
Date: Mon, 07 Oct 2013 23:42:03 +0000
Content-Type: multipart/mixed; boundary="----------=_1381189323-25551-1"

This is a multi-part message in MIME format...

------------=_1381189323-25551-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Your bug report

#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not res=
pected with GnuPG 2.x

which was filed against the emacs package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 15552@debbugs.gnu.org.

--=20
15552: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D15552
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems

------------=_1381189323-25551-1
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at 15552-done) by debbugs.gnu.org; 7 Oct 2013 23:41:50 +0000
Received: from localhost ([127.0.0.1]:33169 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTKQw-0006dX-1D
	for submit@debbugs.gnu.org; Mon, 07 Oct 2013 19:41:50 -0400
Received: from fencepost.gnu.org ([208.118.235.10]:46731)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <ueno@gnu.org>)
 id 1VTKQt-0006dJ-O1; Mon, 07 Oct 2013 19:41:48 -0400
Received: from du-a.org ([2001:e41:db5e:fb14::1]:38387 helo=debian)
 by fencepost.gnu.org with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <ueno@gnu.org>)
 id 1VTKQs-0000qR-UP; Mon, 07 Oct 2013 19:41:47 -0400
Message-ID: <87fvscwswx.fsf-ueno-ueno@gnu.org>
From: Daiki Ueno <ueno@gnu.org>
To: Teodor Zlatanov <tzz@lifelogs.com>
Subject: Re: bug#15552: 24.3.50;
 epa-file-cache-passphrase-for-symmetric-encryption not respected with
 GnuPG 2.x
In-Reply-To: <87r4bx0xsk.fsf@flea.lifelogs.com> (Teodor Zlatanov's message of
 "Mon, 07 Oct 2013 13:56:59 -0400")
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux)
Date: Tue, 08 Oct 2013 08:41:40 +0900
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Spam-Score: -5.2 (-----)
X-Debbugs-Envelope-To: 15552-done
Cc: 15552-done@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.2 (-----)

tags 15552 notabug
thanks

Teodor Zlatanov <tzz@lifelogs.com> writes:

> 1. On the local system, install GnuPG 2.x and don't run the gpg-agent
> 2. Set epa-file-cache-passphrase-for-symmetric-encryption to t
> 3. Open file.gpg: password dialog pops up
> 4. close file.gpg
> 5. Open file.gpg: password dialog pops up again
>
> Step (5) should not prompt.  It works properly with GnuPG 1.x.

That's intended behavior.  It is documented and I stated a number of
times the reason and why I chose such a lengthy name of the variable and
the default is nil:

1. Emacs heap is not so secure
2. Using Emacs for password input degrades the security

You never hear or remember.


------------=_1381189323-25551-1
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at submit) by debbugs.gnu.org; 7 Oct 2013 17:57:09 +0000
Received: from localhost ([127.0.0.1]:60749 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTF3N-0006hJ-95
	for submit@debbugs.gnu.org; Mon, 07 Oct 2013 13:57:09 -0400
Received: from eggs.gnu.org ([208.118.235.92]:54536)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <tzz@lifelogs.com>) id 1VTF3L-0006hB-MT
 for submit@debbugs.gnu.org; Mon, 07 Oct 2013 13:57:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <tzz@lifelogs.com>) id 1VTF3G-0002hN-Eo
 for submit@debbugs.gnu.org; Mon, 07 Oct 2013 13:57:07 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_DKIM_INVALID
 autolearn=disabled version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:41999)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <tzz@lifelogs.com>) id 1VTF3G-0002hG-BQ
 for submit@debbugs.gnu.org; Mon, 07 Oct 2013 13:57:02 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:56222)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <tzz@lifelogs.com>) id 1VTF3B-0008J7-Hy
 for bug-gnu-emacs@gnu.org; Mon, 07 Oct 2013 13:57:02 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <tzz@lifelogs.com>) id 1VTF36-0002d5-RI
 for bug-gnu-emacs@gnu.org; Mon, 07 Oct 2013 13:56:57 -0400
Received: from mail-qe0-x22b.google.com ([2607:f8b0:400d:c02::22b]:58212)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <tzz@lifelogs.com>) id 1VTF36-0002cl-MQ
 for bug-gnu-emacs@gnu.org; Mon, 07 Oct 2013 13:56:52 -0400
Received: by mail-qe0-f43.google.com with SMTP id nc12so683498qeb.16
 for <bug-gnu-emacs@gnu.org>; Mon, 07 Oct 2013 10:56:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google;
 h=from:to:subject:date:message-id:mime-version:content-type;
 bh=Xc/3SwQvWWlaUc7POB67otZ/A5IE2PxUWUlo70ysiTI=;
 b=vtQ9zTcYsNSzBEjoWT2nuPNNdArO2DWcwMYsqheFS04Ev4enYZ9AxdCerbd6ZqK6RT
 vSP+QWVr4vmcxfh2l+3p3F9abBpk7nS0xpI44e/DK0VZrPc1HL052MXfLobgv0J15h2l
 04SKvxKRYdtoD+G1+W3kUblTQFWdzPS9cKzmE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:from:to:subject:date:message-id:mime-version
 :content-type;
 bh=Xc/3SwQvWWlaUc7POB67otZ/A5IE2PxUWUlo70ysiTI=;
 b=SzZk6zUKCWb4o7GjeXPPKwjGT4qEIrAV9u9vS+3Cw0+dpzxiv61xeRbA0VpCtzbUrS
 cjC4e3q5Llxt/AEptuMz+C3f50hzXhq8XIt6hg8QZxj2lCr0pT07txECjR4yHokdHNPo
 5AlwFudS7E9A2wFSwrdHMi7T9t42bvC4tE1FGiTMwhNjj/9j4I+3ItA36SBAPRXGQN/4
 725iigxaTYZLYrzMj0mKsKaD6+2RZhGvFiVRE1wMccsaTPqJzUbTwiVjuNen6+8QCpBO
 YYSC2efPaFBT/UCCym3h+qSbN8yrwG88/1/jEz7D6U36j3OAzq0Xs1skO4nUMo/eDYPx
 d7QA==
X-Gm-Message-State: ALoCoQkltqrhQxnnD4y4I0shHHylFco6vUDDEShvFurDbEkB4QDFiRQDAqmsffOydeCgqVyu6q5q
X-Received: by 10.49.0.234 with SMTP id 10mr37922883qeh.67.1381168611299;
 Mon, 07 Oct 2013 10:56:51 -0700 (PDT)
Received: from flea.lifelogs.com (c-98-229-61-72.hsd1.ma.comcast.net.
 [98.229.61.72])
 by mx.google.com with ESMTPSA id x8sm64585466qam.2.1969.12.31.16.00.00
 (version=TLSv1.2 cipher=RC4-SHA bits=128/128);
 Mon, 07 Oct 2013 10:56:49 -0700 (PDT)
From: Teodor Zlatanov <tzz@lifelogs.com>
To: bug-gnu-emacs@gnu.org
Subject: 24.3.50;
 epa-file-cache-passphrase-for-symmetric-encryption not respected with
 GnuPG 2.x
Date: Mon, 07 Oct 2013 13:56:59 -0400
Message-ID: <87r4bx0xsk.fsf@flea.lifelogs.com>
MIME-Version: 1.0
Content-Type: text/plain
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)


1. On the local system, install GnuPG 2.x and don't run the gpg-agent
2. Set epa-file-cache-passphrase-for-symmetric-encryption to t
3. Open file.gpg: password dialog pops up
4. close file.gpg
5. Open file.gpg: password dialog pops up again

Step (5) should not prompt.  It works properly with GnuPG 1.x.



In GNU Emacs 24.3.50.2 (x86_64-unknown-linux-gnu, GTK+ Version 3.4.4)
 of 2013-09-20 on flea.lifelogs.com
Bzr revision: 114415 rgm@gnu.org-20130921005207-1eq49miu7feptu8i
Windowing system distributor `The X.Org Foundation', version 11.0.11304000
System Description:	Gentoo Base System release 2.2



------------=_1381189323-25551-1--


From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Ted Zlatanov <tzz@lifelogs.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Tue, 08 Oct 2013 00:47:01 +0000
Resent-Message-ID: <handler.15552.B15552.13811931987116@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: 15552@debbugs.gnu.org
Cc: ueno@gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.13811931987116
          (code B ref 15552); Tue, 08 Oct 2013 00:47:01 +0000
Received: (at 15552) by debbugs.gnu.org; 8 Oct 2013 00:46:38 +0000
Received: from localhost ([127.0.0.1]:33250 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTLRd-0001qg-Mq
	for submit@debbugs.gnu.org; Mon, 07 Oct 2013 20:46:38 -0400
Received: from mail-qe0-f46.google.com ([209.85.128.46]:38631)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <tzz@lifelogs.com>) id 1VTLRR-0001qM-Ri
 for 15552@debbugs.gnu.org; Mon, 07 Oct 2013 20:46:34 -0400
Received: by mail-qe0-f46.google.com with SMTP id x7so6014048qeu.5
 for <15552@debbugs.gnu.org>; Mon, 07 Oct 2013 17:46:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google;
 h=from:to:cc:subject:organization:references:mail-copies-to
 :gmane-reply-to-list:date:in-reply-to:message-id:user-agent
 :mime-version:content-type;
 bh=QMqx+L3/JactKfToTR3seCnDyKC9OUHzhVqhllitGxg=;
 b=mzkEfHkPjIfnRvXkDvHVX5G4+sR2FjPWjt2abKf1tC9xu0thIHjMLaXs5+5tDnlqsZ
 iMgpCbdLQz9DC7z2zl3h7krpFrn19hRi6qS6WDdT2WihUF1Eo6MImwlIeGwvQDlG1DJY
 96a1JNotO1x3v0B1opCT85xzRsFlJqURxXDnc=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:from:to:cc:subject:organization:references
 :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id
 :user-agent:mime-version:content-type;
 bh=QMqx+L3/JactKfToTR3seCnDyKC9OUHzhVqhllitGxg=;
 b=aszHNPJKm6bKdH/jEA+3uh/iTRyxx2U/c3k5BrwJeYM9zDC4pFB1xRTtI0+w2nnx9f
 2z+mQuHpNS2S7az2qteNiuG/MGdX0XiVmkef9v38OxHaGgbi5lMnjJ+9k30S27pQns/r
 fTadSMmZ8vJXyfUjIJU0tLXeR5HvSbZGTK0f9a67eIrht9ieLnKPQn6xmBSBnlLpaRVI
 u8BvqhoZQX16fkeiXkHVrS65Y7k+kcQWrxOfrpGWUYGKf5nuxfdoCdmUpsjhK6zLyX9m
 0SSKEjT39AJVLcwMr1219MRLgUMGo3HVPcAVzQe9etWmx414Eni1jO+ynSvY1Fmj9vCH
 Vysw==
X-Gm-Message-State: ALoCoQkN1GQubkn+9sBd5HJaR2rlmS7ovUjY4rRvLpOdZY1X95XOipoFvsu1n11/PhTmxcOCxhdE
X-Received: by 10.49.24.74 with SMTP id s10mr40723342qef.24.1381193185118;
 Mon, 07 Oct 2013 17:46:25 -0700 (PDT)
Received: from flea.lifelogs.com (c-98-229-61-72.hsd1.ma.comcast.net.
 [98.229.61.72])
 by mx.google.com with ESMTPSA id l4sm68307716qae.4.1969.12.31.16.00.00
 (version=TLSv1.2 cipher=RC4-SHA bits=128/128);
 Mon, 07 Oct 2013 17:46:24 -0700 (PDT)
From: Ted Zlatanov <tzz@lifelogs.com>
Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
 d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
 D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
Mail-Copies-To: never
Gmane-Reply-To-List: yes
Date: Mon, 07 Oct 2013 20:46:34 -0400
In-Reply-To: <87fvscwswx.fsf-ueno-ueno@gnu.org> (Daiki Ueno's message of "Tue, 
 08 Oct 2013 08:41:40 +0900")
Message-ID: <878uy4zj11.fsf@flea.lifelogs.com>
User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.7 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

On Tue, 08 Oct 2013 08:41:40 +0900 Daiki Ueno <ueno@gnu.org> wrote: 

DU> tags 15552 notabug
DU> thanks

DU> Teodor Zlatanov <tzz@lifelogs.com> writes:

>> 1. On the local system, install GnuPG 2.x and don't run the gpg-agent
>> 2. Set epa-file-cache-passphrase-for-symmetric-encryption to t
>> 3. Open file.gpg: password dialog pops up
>> 4. close file.gpg
>> 5. Open file.gpg: password dialog pops up again
>> 
>> Step (5) should not prompt.  It works properly with GnuPG 1.x.

DU> That's intended behavior.  It is documented and I stated a number of
DU> times the reason and why I chose such a lengthy name of the variable and
DU> the default is nil:

DU> 1. Emacs heap is not so secure
DU> 2. Using Emacs for password input degrades the security

(please note I opened this at Stefan's request; I knew you wouldn't be
interested in resolving it)

I appreciate your concern for security, but the behavior is broken from
a user's perspective and you make no effort to help at the time the
issue occurs.  You could, for instance, check the GnuPG version and be
helpful.

At least fix the docstring and maybe emit a message to be helpful about
it.  There's no mention that it breaks with GnuPG 2.x:

epa-file-cache-passphrase-for-symmetric-encryption is a variable defined in `epa-file.el'.
Its value is t
Original value was nil

Documentation:
If non-nil, cache passphrase for symmetric encryption.

For security reasons, this option is turned off by default and
not recommended to use.  Instead, consider using public-key
encryption with gpg-agent which does the same job in a safer
way.

DU> You never hear or remember.

Right, thanks again.

Ted




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Stefan Monnier <monnier@iro.umontreal.ca>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Tue, 08 Oct 2013 03:15:02 +0000
Resent-Message-ID: <handler.15552.B15552.138120209020463@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: 15552@debbugs.gnu.org
Cc: tzz@lifelogs.com, ueno@gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.138120209020463
          (code B ref 15552); Tue, 08 Oct 2013 03:15:02 +0000
Received: (at 15552) by debbugs.gnu.org; 8 Oct 2013 03:14:50 +0000
Received: from localhost ([127.0.0.1]:33475 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTNl3-0005Jz-TV
	for submit@debbugs.gnu.org; Mon, 07 Oct 2013 23:14:50 -0400
Received: from ironport2-out.teksavvy.com ([206.248.154.182]:46009)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <monnier@iro.umontreal.ca>) id 1VTNl1-0005Jq-Cb
 for 15552@debbugs.gnu.org; Mon, 07 Oct 2013 23:14:48 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EABK/CFHO+K8t/2dsb2JhbABEuzWDWRdzgh4BAQQBViMFCwswBAcLFBgNiEIGwS2NYQJLglwDpHqBXoJqKQ
X-IPAS-Result: Av8EABK/CFHO+K8t/2dsb2JhbABEuzWDWRdzgh4BAQQBViMFCwswBAcLFBgNiEIGwS2NYQJLglwDpHqBXoJqKQ
X-IronPort-AV: E=Sophos;i="4.84,565,1355115600"; d="scan'208";a="34986333"
Received: from 206-248-175-45.dsl.teksavvy.com (HELO pastel.home)
 ([206.248.175.45])
 by ironport2-out.teksavvy.com with ESMTP/TLS/ADH-AES256-SHA;
 07 Oct 2013 23:11:07 -0400
Received: by pastel.home (Postfix, from userid 20848)
 id 482746049A; Mon,  7 Oct 2013 23:14:41 -0400 (EDT)
From: Stefan Monnier <monnier@iro.umontreal.ca>
Message-ID: <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
Date: Mon, 07 Oct 2013 23:14:41 -0400
In-Reply-To: <87fvscwswx.fsf-ueno-ueno@gnu.org> (Daiki Ueno's message of "Tue, 
 08 Oct 2013 08:41:40 +0900")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.3 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.3 (/)

>> 1. On the local system, install GnuPG 2.x and don't run the gpg-agent
>> 2. Set epa-file-cache-passphrase-for-symmetric-encryption to t
>> 3. Open file.gpg: password dialog pops up
>> 4. close file.gpg
>> 5. Open file.gpg: password dialog pops up again
>> Step (5) should not prompt.  It works properly with GnuPG 1.x.
> That's intended behavior.

Could you give the rationale for it?

> It is documented and I stated a number of times the reason and why
> I chose such a lengthy name of the variable and the default is nil:

I understand why it is nil by default, but if the user sets it to t,
presumably he doesn't care about the fact that storing the password in
Emacs heap is insecure.  So why does 5 prompt the user, even tho he
specifically asked for Emacs to cache the password?


        Stefan




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Daiki Ueno <ueno@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Tue, 08 Oct 2013 07:04:01 +0000
Resent-Message-ID: <handler.15552.B15552.138121581312039@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: Stefan Monnier <monnier@iro.umontreal.ca>
Cc: tzz@lifelogs.com, 15552@debbugs.gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.138121581312039
          (code B ref 15552); Tue, 08 Oct 2013 07:04:01 +0000
Received: (at 15552) by debbugs.gnu.org; 8 Oct 2013 07:03:33 +0000
Received: from localhost ([127.0.0.1]:33783 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTRKN-000384-MC
	for submit@debbugs.gnu.org; Tue, 08 Oct 2013 03:03:32 -0400
Received: from fencepost.gnu.org ([208.118.235.10]:52158)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <ueno@gnu.org>) id 1VTRKK-00037t-SF
 for 15552@debbugs.gnu.org; Tue, 08 Oct 2013 03:03:29 -0400
Received: from du-a.org ([2001:e41:db5e:fb14::1]:38419 helo=debian)
 by fencepost.gnu.org with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <ueno@gnu.org>)
 id 1VTRKJ-0001B0-UM; Tue, 08 Oct 2013 03:03:28 -0400
Message-ID: <87hacsutvp.fsf-ueno@gnu.org>
From: Daiki Ueno <ueno@gnu.org>
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
Date: Tue, 08 Oct 2013 16:03:22 +0900
In-Reply-To: <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org> (Stefan Monnier's
 message of "Mon, 07 Oct 2013 23:14:41 -0400")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Spam-Score: -5.2 (-----)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.2 (-----)

Stefan Monnier <monnier@iro.umontreal.ca> writes:

>>> 1. On the local system, install GnuPG 2.x and don't run the gpg-agent
>>> 2. Set epa-file-cache-passphrase-for-symmetric-encryption to t
>>> 3. Open file.gpg: password dialog pops up
>>> 4. close file.gpg
>>> 5. Open file.gpg: password dialog pops up again
>>> Step (5) should not prompt.  It works properly with GnuPG 1.x.
>> That's intended behavior.
>
> Could you give the rationale for it?

When gpg-agent is not properly set up as a daemon, gpg2 invokes
gpg-agent internally for each session.  In the above case, there are two
gpg2 sessions (two "Open") and thus there are two gpg-agent processes,
which don't share the passphrase.

>> It is documented and I stated a number of times the reason and why
>> I chose such a lengthy name of the variable and the default is nil:
>
> I understand why it is nil by default, but if the user sets it to t,
> presumably he doesn't care about the fact that storing the password in
> Emacs heap is insecure.

When epg.el was written, the intention of the option was the last resort
for those who only have gpg1 and can't use gpg-agent.  Since then, I've
recommended to migrate to more secure way (i.e. using gpg-agent).

Given that gpg-agent (gpg2) is now available everywhere, I think there's
no reason to advertise the use of this variable, although at some point
a few people (afaik, only Ted) started exploiting this option to provide
degraded security for usability.

So the question is, would we really like to proactively support such a
degraded security in Emacs?




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Ted Zlatanov <tzz@lifelogs.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Tue, 08 Oct 2013 10:48:01 +0000
Resent-Message-ID: <handler.15552.B15552.1381229251737@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: Daiki Ueno <ueno@gnu.org>
Cc: Stefan Monnier <monnier@iro.umontreal.ca>, 15552@debbugs.gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.1381229251737
          (code B ref 15552); Tue, 08 Oct 2013 10:48:01 +0000
Received: (at 15552) by debbugs.gnu.org; 8 Oct 2013 10:47:31 +0000
Received: from localhost ([127.0.0.1]:34115 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTUp8-0000Bo-Oe
	for submit@debbugs.gnu.org; Tue, 08 Oct 2013 06:47:31 -0400
Received: from mail-qa0-f51.google.com ([209.85.216.51]:45869)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <tzz@lifelogs.com>) id 1VTUp6-0000Bg-SV
 for 15552@debbugs.gnu.org; Tue, 08 Oct 2013 06:47:29 -0400
Received: by mail-qa0-f51.google.com with SMTP id j15so3648955qaq.17
 for <15552@debbugs.gnu.org>; Tue, 08 Oct 2013 03:47:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google;
 h=from:to:cc:subject:organization:references:mail-copies-to
 :gmane-reply-to-list:date:in-reply-to:message-id:user-agent
 :mime-version:content-type;
 bh=tbC69QCG8njEcj30sEoILMoWZAOPnq5rQpSvcvfFti4=;
 b=aLNnSe+k67LslASzf7QMe5OYxmey8B6kivwmd5CqhuEbzuH39jn1JT25NCF9BB6wCG
 Wq5Og8b0ESTUpNk1uqB45T0kO8RCdl8na4vrj0o1rt+lRuOMK8xz2wHvC7ootdGE/lnt
 GVlFXWFXkklQJdIje2bT8g4iW7r4asrwzGy5g=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:from:to:cc:subject:organization:references
 :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id
 :user-agent:mime-version:content-type;
 bh=tbC69QCG8njEcj30sEoILMoWZAOPnq5rQpSvcvfFti4=;
 b=AIP47HNwNJp63dg5R0HflDIqzOcEDrXVj0Zel9hQwCV52zfWRXQwlce6lykjsWpsUw
 zfWHw3ZO3jXXtt9kn0lGpFR9MyvXcHvGdFQ/M5M0LufqYZby9IzmAOTaMJKV6xSIPcVz
 mc2Zq+o11kU94EzHPgiteLsDutYnSn1E4AsdybMoylTBzx2rxY6XRfwUMGKq7V1WxjdI
 dUWecUz4JozqqeqgMrQCB+AnHw0+1yt8vK84mcf5VBz/iJmmC4J9CUOV/ZO3oGCBlBO0
 QwYiTz+n3WVl3c01LN4AljWa1wYfeyBLZlkrDMBW26FwZjuRHxnLFAklMROPKvFFooFp
 +YuQ==
X-Gm-Message-State: ALoCoQkQEH7kmRC/yC86cBfVxcBX6ftXqMfMqJ+EgNgNHwbY9VZ24I0tceVtu1vKNNwAoW0hFpau
X-Received: by 10.224.166.208 with SMTP id n16mr722930qay.112.1381229248182;
 Tue, 08 Oct 2013 03:47:28 -0700 (PDT)
Received: from flea.lifelogs.com (c-98-229-61-72.hsd1.ma.comcast.net.
 [98.229.61.72])
 by mx.google.com with ESMTPSA id x1sm72728016qai.6.1969.12.31.16.00.00
 (version=TLSv1.2 cipher=RC4-SHA bits=128/128);
 Tue, 08 Oct 2013 03:47:27 -0700 (PDT)
From: Ted Zlatanov <tzz@lifelogs.com>
Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
 <87hacsutvp.fsf-ueno@gnu.org>
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
 d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
 D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
Mail-Copies-To: never
Gmane-Reply-To-List: yes
Date: Tue, 08 Oct 2013 06:47:38 -0400
In-Reply-To: <87hacsutvp.fsf-ueno@gnu.org> (Daiki Ueno's message of "Tue, 08
 Oct 2013 16:03:22 +0900")
Message-ID: <87hacsxcmt.fsf@flea.lifelogs.com>
User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.7 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

On Tue, 08 Oct 2013 16:03:22 +0900 Daiki Ueno <ueno@gnu.org> wrote: 

DU> Stefan Monnier <monnier@iro.umontreal.ca> writes:

>>> It is documented and I stated a number of times the reason and why
>>> I chose such a lengthy name of the variable and the default is nil:
>> 
>> I understand why it is nil by default, but if the user sets it to t,
>> presumably he doesn't care about the fact that storing the password in
>> Emacs heap is insecure.

DU> When epg.el was written, the intention of the option was the last resort
DU> for those who only have gpg1 and can't use gpg-agent.  Since then, I've
DU> recommended to migrate to more secure way (i.e. using gpg-agent).

OK, so at least note it in the variable docstring.

DU> Given that gpg-agent (gpg2) is now available everywhere, I think there's
DU> no reason to advertise the use of this variable, although at some point
DU> a few people (afaik, only Ted) started exploiting this option to provide
DU> degraded security for usability.

I believe several use it, based on auth-source.el related issues.  But I
haven't kept a list.

DU> So the question is, would we really like to proactively support such a
DU> degraded security in Emacs?

Since you've moved beyond the issue at hand, I think we should start
with considering whether one security model fits all users.  Surely you
agree that this is not as clear as your question makes it sound, and
that at least some of the risk assessment should be up to the user?

Ted




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Stefan Monnier <monnier@iro.umontreal.ca>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Tue, 08 Oct 2013 17:18:02 +0000
Resent-Message-ID: <handler.15552.B15552.13812526639178@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: Daiki Ueno <ueno@gnu.org>
Cc: tzz@lifelogs.com, 15552@debbugs.gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.13812526639178
          (code B ref 15552); Tue, 08 Oct 2013 17:18:02 +0000
Received: (at 15552) by debbugs.gnu.org; 8 Oct 2013 17:17:43 +0000
Received: from localhost ([127.0.0.1]:35335 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTauk-0002Nx-UB
	for submit@debbugs.gnu.org; Tue, 08 Oct 2013 13:17:43 -0400
Received: from ironport2-out.teksavvy.com ([206.248.154.182]:56702)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <monnier@iro.umontreal.ca>) id 1VTauj-0002Nq-85
 for 15552@debbugs.gnu.org; Tue, 08 Oct 2013 13:17:41 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EABK/CFHO+K8t/2dsb2JhbABEuzWDWRdzgh8BBVYjEAswBAcLFBgNJIgksR+QDo1jgycDpHqBXoMT
X-IPAS-Result: Av8EABK/CFHO+K8t/2dsb2JhbABEuzWDWRdzgh8BBVYjEAswBAcLFBgNJIgksR+QDo1jgycDpHqBXoMT
X-IronPort-AV: E=Sophos;i="4.84,565,1355115600"; d="scan'208";a="35036390"
Received: from 206-248-175-45.dsl.teksavvy.com (HELO pastel.home)
 ([206.248.175.45])
 by ironport2-out.teksavvy.com with ESMTP/TLS/ADH-AES256-SHA;
 08 Oct 2013 13:13:59 -0400
Received: by pastel.home (Postfix, from userid 20848)
 id 75DDA6028B; Tue,  8 Oct 2013 13:17:40 -0400 (EDT)
From: Stefan Monnier <monnier@iro.umontreal.ca>
Message-ID: <jwveh7v1ysh.fsf-monnier+emacsbugs@gnu.org>
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
 <87hacsutvp.fsf-ueno@gnu.org>
Date: Tue, 08 Oct 2013 13:17:40 -0400
In-Reply-To: <87hacsutvp.fsf-ueno@gnu.org> (Daiki Ueno's message of "Tue, 08
 Oct 2013 16:03:22 +0900")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.3 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.3 (/)

>>>> 1. On the local system, install GnuPG 2.x and don't run the gpg-agent
>>>> 2. Set epa-file-cache-passphrase-for-symmetric-encryption to t
>>>> 3. Open file.gpg: password dialog pops up
>>>> 4. close file.gpg
>>>> 5. Open file.gpg: password dialog pops up again
>>>> Step (5) should not prompt.  It works properly with GnuPG 1.x.
>>> That's intended behavior.
>> Could you give the rationale for it?
> When gpg-agent is not properly set up as a daemon, gpg2 invokes
> gpg-agent internally for each session.  In the above case, there are two
> gpg2 sessions (two "Open") and thus there are two gpg-agent processes,
> which don't share the passphrase.

That explains technically why gpg prompts twice, but it doesn't indicate
that this implementation was designed specifically so that step
5 prompts again.  I.e. it's not "intended behavior", but rather
"expected behavior" due to implementation choices.

Still I'm confused: what kind of caching does
epa-file-cache-passphrase-for-symmetric-encryption offer, then?
>From the docstring I got the impression that it would cache the
passphrase in Emacs's heap, so gpg's own caching should be largely
irrelevant (in the second session it will prompt for a password, which
Emacs should provide from its own cache without prompting the user).


        Stefan "Also confused about what "symmetric" has to do with it"




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Daiki Ueno <ueno@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Tue, 08 Oct 2013 21:53:01 +0000
Resent-Message-ID: <handler.15552.B15552.138126912715528@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: Stefan Monnier <monnier@iro.umontreal.ca>
Cc: tzz@lifelogs.com, 15552@debbugs.gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.138126912715528
          (code B ref 15552); Tue, 08 Oct 2013 21:53:01 +0000
Received: (at 15552) by debbugs.gnu.org; 8 Oct 2013 21:52:07 +0000
Received: from localhost ([127.0.0.1]:35930 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTfCI-00042M-Hq
	for submit@debbugs.gnu.org; Tue, 08 Oct 2013 17:52:06 -0400
Received: from fencepost.gnu.org ([208.118.235.10]:38708)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <ueno@gnu.org>) id 1VTfCG-00042B-AL
 for 15552@debbugs.gnu.org; Tue, 08 Oct 2013 17:52:04 -0400
Received: from du-a.org ([2001:e41:db5e:fb14::1]:38484 helo=debian)
 by fencepost.gnu.org with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <ueno@gnu.org>)
 id 1VTfCF-0006ne-9z; Tue, 08 Oct 2013 17:52:03 -0400
Message-ID: <87fvsbctxe.fsf-ueno@gnu.org>
From: Daiki Ueno <ueno@gnu.org>
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
 <87hacsutvp.fsf-ueno@gnu.org>
 <jwveh7v1ysh.fsf-monnier+emacsbugs@gnu.org>
Date: Wed, 09 Oct 2013 06:51:57 +0900
In-Reply-To: <jwveh7v1ysh.fsf-monnier+emacsbugs@gnu.org> (Stefan Monnier's
 message of "Tue, 08 Oct 2013 13:17:40 -0400")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Spam-Score: -5.3 (-----)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.3 (-----)

Stefan Monnier <monnier@iro.umontreal.ca> writes:

>>>>> 1. On the local system, install GnuPG 2.x and don't run the gpg-agent
>>>>> 2. Set epa-file-cache-passphrase-for-symmetric-encryption to t
>>>>> 3. Open file.gpg: password dialog pops up
>>>>> 4. close file.gpg
>>>>> 5. Open file.gpg: password dialog pops up again
>>>>> Step (5) should not prompt.  It works properly with GnuPG 1.x.

> Still I'm confused: what kind of caching does
> epa-file-cache-passphrase-for-symmetric-encryption offer, then?
> From the docstring I got the impression that it would cache the
> passphrase in Emacs's heap, so gpg's own caching should be largely
> irrelevant (in the second session it will prompt for a password, which
> Emacs should provide from its own cache without prompting the user).

It used to work like that with gpg1.  However, gpg2's implementation
choice is that it does not leak the indication that gpg2 (actually
gpg-agent) requires passphrase and it does not allow other tools than
pinentry to inject passphrase.

IMO that's a good idea for security (as pinentry uses secmem).

>         Stefan "Also confused about what "symmetric" has to do with it"

Perhaps you could try the above recipe under gpg-agent is properly set up:

$ echo abc > file
$ gpg --symmetric file
$ eval `gpg-agent --daemon`
$ gpg2 < file.gpg
$ gpg2 < file.gpg

You won't be asked for the passphrase at the second time, because
gpg-agent remembers passphrase based on the file content.




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Stefan Monnier <monnier@iro.umontreal.ca>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Wed, 09 Oct 2013 03:03:02 +0000
Resent-Message-ID: <handler.15552.B15552.138128772211802@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: Daiki Ueno <ueno@gnu.org>
Cc: tzz@lifelogs.com, 15552@debbugs.gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.138128772211802
          (code B ref 15552); Wed, 09 Oct 2013 03:03:02 +0000
Received: (at 15552) by debbugs.gnu.org; 9 Oct 2013 03:02:02 +0000
Received: from localhost ([127.0.0.1]:36326 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTk2D-00034B-Bi
	for submit@debbugs.gnu.org; Tue, 08 Oct 2013 23:02:01 -0400
Received: from ironport2-out.teksavvy.com ([206.248.154.182]:48772)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <monnier@iro.umontreal.ca>) id 1VTk2B-000343-F0
 for 15552@debbugs.gnu.org; Tue, 08 Oct 2013 23:01:59 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EABK/CFHO+K8t/2dsb2JhbABEuzWDWRdzgh4BAQQBViMFCwswBAcLFBgNJIgeBrEfkA6NY4MnA6R6gV6DEw
X-IPAS-Result: Av8EABK/CFHO+K8t/2dsb2JhbABEuzWDWRdzgh4BAQQBViMFCwswBAcLFBgNJIgeBrEfkA6NY4MnA6R6gV6DEw
X-IronPort-AV: E=Sophos;i="4.84,565,1355115600"; d="scan'208";a="35077048"
Received: from 206-248-175-45.dsl.teksavvy.com (HELO fmsmemgm.homelinux.net)
 ([206.248.175.45])
 by ironport2-out.teksavvy.com with ESMTP/TLS/ADH-AES256-SHA;
 08 Oct 2013 22:58:16 -0400
Received: by fmsmemgm.homelinux.net (Postfix, from userid 20848)
 id 9ADA7AE215; Tue,  8 Oct 2013 23:01:58 -0400 (EDT)
From: Stefan Monnier <monnier@iro.umontreal.ca>
Message-ID: <jwvwqlni22h.fsf-monnier+emacsbugs@gnu.org>
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
 <87hacsutvp.fsf-ueno@gnu.org>
 <jwveh7v1ysh.fsf-monnier+emacsbugs@gnu.org>
 <87fvsbctxe.fsf-ueno@gnu.org>
Date: Tue, 08 Oct 2013 23:01:58 -0400
In-Reply-To: <87fvsbctxe.fsf-ueno@gnu.org> (Daiki Ueno's message of "Wed, 09
 Oct 2013 06:51:57 +0900")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.3 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.3 (/)

> It used to work like that with gpg1.  However, gpg2's implementation
> choice is that it does not leak the indication that gpg2 (actually
> gpg-agent) requires passphrase and it does not allow other tools than
> pinentry to inject passphrase.

IOW epa-file-cache-passphrase-for-symmetric-encryption only works for
gpg1 and not for gpg2?

> IMO that's a good idea for security (as pinentry uses secmem).

There are many situations where local security is not nearly as
important as convenience.  But IIUC with gpg2 the general answer is "use
gpg-agent to do the caching", and it's supposed to work fine (i.e. it's
just as convenient as caching the password in Emacs).

>> Stefan "Also confused about what "symmetric" has to do with it"
> Perhaps you could try the above recipe under gpg-agent is properly set up:
> $ echo abc > file
> $ gpg --symmetric file
> $ eval `gpg-agent --daemon`
> $ gpg2 < file.gpg
> $ gpg2 < file.gpg
> You won't be asked for the passphrase at the second time, because
> gpg-agent remembers passphrase based on the file content.

That doesn't really explain to me why
epa-file-cache-passphrase-for-symmetric-encryption has "symmetric" in
its name and more specifically why caching of passphrases would be
different for symmetric than for public key cryptography.


        Stefan




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Daiki Ueno <ueno@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Wed, 09 Oct 2013 03:54:02 +0000
Resent-Message-ID: <handler.15552.B15552.138129080316392@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: Stefan Monnier <monnier@iro.umontreal.ca>
Cc: tzz@lifelogs.com, 15552@debbugs.gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.138129080316392
          (code B ref 15552); Wed, 09 Oct 2013 03:54:02 +0000
Received: (at 15552) by debbugs.gnu.org; 9 Oct 2013 03:53:23 +0000
Received: from localhost ([127.0.0.1]:36399 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTkpu-0004GJ-PS
	for submit@debbugs.gnu.org; Tue, 08 Oct 2013 23:53:23 -0400
Received: from fencepost.gnu.org ([208.118.235.10]:43020)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <ueno@gnu.org>) id 1VTkps-0004GB-7J
 for 15552@debbugs.gnu.org; Tue, 08 Oct 2013 23:53:21 -0400
Received: from du-a.org ([2001:e41:db5e:fb14::1]:38530
 helo=localhost.localdomain)
 by fencepost.gnu.org with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <ueno@gnu.org>)
 id 1VTkpq-0002SK-Qt; Tue, 08 Oct 2013 23:53:19 -0400
Message-ID: <m3fvsb6qxh.fsf-ueno@gnu.org>
From: Daiki Ueno <ueno@gnu.org>
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
 <87hacsutvp.fsf-ueno@gnu.org>
 <jwveh7v1ysh.fsf-monnier+emacsbugs@gnu.org>
 <87fvsbctxe.fsf-ueno@gnu.org>
 <jwvwqlni22h.fsf-monnier+emacsbugs@gnu.org>
Date: Wed, 09 Oct 2013 12:53:14 +0900
In-Reply-To: <jwvwqlni22h.fsf-monnier+emacsbugs@gnu.org> (Stefan Monnier's
 message of "Tue, 08 Oct 2013 23:01:58 -0400")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -5.3 (-----)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.3 (-----)

Stefan Monnier <monnier@iro.umontreal.ca> writes:

>> It used to work like that with gpg1.  However, gpg2's implementation
>> choice is that it does not leak the indication that gpg2 (actually
>> gpg-agent) requires passphrase and it does not allow other tools than
>> pinentry to inject passphrase.
>
> IOW epa-file-cache-passphrase-for-symmetric-encryption only works for
> gpg1 and not for gpg2?

s/works/has no effect/

>> IMO that's a good idea for security (as pinentry uses secmem).
>
> There are many situations where local security is not nearly as
> important as convenience.  But IIUC with gpg2 the general answer is "use
> gpg-agent to do the caching", and it's supposed to work fine (i.e. it's
> just as convenient as caching the password in Emacs).

In this bug report, the reporter intentionally does not set up gpg-agent
for his login session.  Even the GnuPG 2.x manual spends one chapter on
setting up gpg-agent before the chapter on gpg command itself.

>>> Stefan "Also confused about what "symmetric" has to do with it"
>> Perhaps you could try the above recipe under gpg-agent is properly set up:
>> $ echo abc > file
>> $ gpg --symmetric file
>> $ eval `gpg-agent --daemon`
>> $ gpg2 < file.gpg
>> $ gpg2 < file.gpg
>> You won't be asked for the passphrase at the second time, because
>> gpg-agent remembers passphrase based on the file content.
>
> That doesn't really explain to me why
> epa-file-cache-passphrase-for-symmetric-encryption has "symmetric" in
> its name and more specifically why caching of passphrases would be
> different for symmetric than for public key cryptography.

I didn't get the question correctly, then.

Look at the matrix of (info "(epa) Caching Passphrases"), check when a
user is suggested to "set up elisp passphrase cache".

Anyway, the name is not so important to me, as long as it discourages
the use of the variable, so it could be
e.g. epg-file-yo-mama-wears-fancy-glasses-detection-enabled.

https://news.ycombinator.com/item?id=6372466




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Ted Zlatanov <tzz@lifelogs.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Wed, 09 Oct 2013 09:33:01 +0000
Resent-Message-ID: <handler.15552.B15552.138131113415648@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: Daiki Ueno <ueno@gnu.org>
Cc: Stefan Monnier <monnier@iro.umontreal.ca>, 15552@debbugs.gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.138131113415648
          (code B ref 15552); Wed, 09 Oct 2013 09:33:01 +0000
Received: (at 15552) by debbugs.gnu.org; 9 Oct 2013 09:32:14 +0000
Received: from localhost ([127.0.0.1]:36790 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTq7p-00044J-9y
	for submit@debbugs.gnu.org; Wed, 09 Oct 2013 05:32:13 -0400
Received: from mail-qa0-f53.google.com ([209.85.216.53]:47174)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <tzz@lifelogs.com>) id 1VTq7d-00043p-OC
 for 15552@debbugs.gnu.org; Wed, 09 Oct 2013 05:32:11 -0400
Received: by mail-qa0-f53.google.com with SMTP id k4so445870qaq.12
 for <15552@debbugs.gnu.org>; Wed, 09 Oct 2013 02:32:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google;
 h=from:to:cc:subject:organization:references:mail-copies-to
 :gmane-reply-to-list:date:in-reply-to:message-id:user-agent
 :mime-version:content-type;
 bh=MSANpqFaWeo9aH0/JCHdfJU2Fa09RpbgLPbtNq439pA=;
 b=QMkFfbZMLGoFPloxdO0CENRiAcWW6q9AexeJTNjokpSomjgey5sBJSOrSms/OAY/+X
 uk3PZbz5RtmcHiJANhtUEtjN8yabkbsCsyBb3jFHcBC9AzO9iZE8DW/VNrObK0GdBBeU
 bNyzCkyFzdrKCThlCA+KnUZAcrQqXeX2oYeIM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:from:to:cc:subject:organization:references
 :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id
 :user-agent:mime-version:content-type;
 bh=MSANpqFaWeo9aH0/JCHdfJU2Fa09RpbgLPbtNq439pA=;
 b=f5n50igcaah46MiB4F51s6gHgJgWjev0zRXDjj2q+s2f0AWChmfBmE0Yu/XUhkIGBO
 LzTPkoefyQ9kgGjjL4sKH48Yea0TWEY62iTS74en57NsCtnSh4PlaWAu8TyfuAZzXgpf
 znh+DYasYtC6xh5w4JpmdWfgJTNs3nSwZ3l3EVgdneUzdR0tsthkIuFhsMjvJshA2NRR
 xFJBIaQ6iijcCNtgAKOraoeDbCQnrkigSxiRr5Ys2ZYYsoQkrEfKlgTF1NiJzs0VXBcv
 NdeiiduvjB9Xa5FkVjM6kWTSfeI8EunOl+UoergCzxW6sXe56IKMQVo3hNaZvPDBt+qx
 /6aA==
X-Gm-Message-State: ALoCoQno31sfUvvZe3SDw3gwpKjXaSYTnvo8QtaJgBB6S3pbvda84SkyiSIZEwOP5MeBmCKwpNHG
X-Received: by 10.49.53.10 with SMTP id x10mr8013964qeo.46.1381311121059;
 Wed, 09 Oct 2013 02:32:01 -0700 (PDT)
Received: from flea.lifelogs.com (c-98-229-61-72.hsd1.ma.comcast.net.
 [98.229.61.72])
 by mx.google.com with ESMTPSA id g2sm84232940qaf.12.1969.12.31.16.00.00
 (version=TLSv1.2 cipher=RC4-SHA bits=128/128);
 Wed, 09 Oct 2013 02:32:00 -0700 (PDT)
From: Ted Zlatanov <tzz@lifelogs.com>
Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
 <87hacsutvp.fsf-ueno@gnu.org>
 <jwveh7v1ysh.fsf-monnier+emacsbugs@gnu.org>
 <87fvsbctxe.fsf-ueno@gnu.org>
 <jwvwqlni22h.fsf-monnier+emacsbugs@gnu.org>
 <m3fvsb6qxh.fsf-ueno@gnu.org>
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
 d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
 D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
Mail-Copies-To: never
Gmane-Reply-To-List: yes
Date: Wed, 09 Oct 2013 05:32:11 -0400
In-Reply-To: <m3fvsb6qxh.fsf-ueno@gnu.org> (Daiki Ueno's message of "Wed, 09
 Oct 2013 12:53:14 +0900")
Message-ID: <87txgqu6w4.fsf@flea.lifelogs.com>
User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -0.7 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

On Wed, 09 Oct 2013 12:53:14 +0900 Daiki Ueno <ueno@gnu.org> wrote: 

DU> I didn't get the question correctly, then.

DU> Look at the matrix of (info "(epa) Caching Passphrases"), check when a
DU> user is suggested to "set up elisp passphrase cache".

DU> Anyway, the name is not so important to me, as long as it discourages
DU> the use of the variable, so it could be
DU> e.g. epg-file-yo-mama-wears-fancy-glasses-detection-enabled.

DU> https://news.ycombinator.com/item?id=6372466

Since it still works as described for GnuPG 1.x, please fix the
variable's docstring to mention that it doesn't work with 2.x.  You
could also add a reference to the manual page as shown above, and in the
manual you could synchronize the variable description with the
docstring, also adding the xref:

@defvar epa-file-cache-passphrase-for-symmetric-encryption
If non-@code{nil}, cache passphrase for symmetric encryption.  The
default value is @code{nil}.
@end defvar

Right now, you have to read the whole manual or search for the variable
name specifically to find that table.  It's not a big manual but it's
still nice to the user.

Thanks
Ted




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Stefan Monnier <monnier@iro.umontreal.ca>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Wed, 09 Oct 2013 12:41:01 +0000
Resent-Message-ID: <handler.15552.B15552.13813224385031@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: Daiki Ueno <ueno@gnu.org>
Cc: tzz@lifelogs.com, 15552@debbugs.gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.13813224385031
          (code B ref 15552); Wed, 09 Oct 2013 12:41:01 +0000
Received: (at 15552) by debbugs.gnu.org; 9 Oct 2013 12:40:38 +0000
Received: from localhost ([127.0.0.1]:37149 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VTt49-0001J3-Sz
	for submit@debbugs.gnu.org; Wed, 09 Oct 2013 08:40:38 -0400
Received: from ironport2-out.teksavvy.com ([206.248.154.182]:18010)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <monnier@iro.umontreal.ca>) id 1VTt47-0001Iu-AV
 for 15552@debbugs.gnu.org; Wed, 09 Oct 2013 08:40:35 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av8EABK/CFHO+K8t/2dsb2JhbABEuzWDWRdzgh4BAQQBViMFCws0BwsUGA0kiB4GwS2RCgOkeoFegxM
X-IPAS-Result: Av8EABK/CFHO+K8t/2dsb2JhbABEuzWDWRdzgh4BAQQBViMFCws0BwsUGA0kiB4GwS2RCgOkeoFegxM
X-IronPort-AV: E=Sophos;i="4.84,565,1355115600"; d="scan'208";a="35100247"
Received: from 206-248-175-45.dsl.teksavvy.com (HELO pastel.home)
 ([206.248.175.45])
 by ironport2-out.teksavvy.com with ESMTP/TLS/ADH-AES256-SHA;
 09 Oct 2013 08:36:50 -0400
Received: by pastel.home (Postfix, from userid 20848)
 id 6FB806133B; Wed,  9 Oct 2013 08:40:34 -0400 (EDT)
From: Stefan Monnier <monnier@iro.umontreal.ca>
Message-ID: <jwvr4buzktz.fsf-monnier+emacsbugs@gnu.org>
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
 <87hacsutvp.fsf-ueno@gnu.org>
 <jwveh7v1ysh.fsf-monnier+emacsbugs@gnu.org>
 <87fvsbctxe.fsf-ueno@gnu.org>
 <jwvwqlni22h.fsf-monnier+emacsbugs@gnu.org>
 <m3fvsb6qxh.fsf-ueno@gnu.org>
Date: Wed, 09 Oct 2013 08:40:34 -0400
In-Reply-To: <m3fvsb6qxh.fsf-ueno@gnu.org> (Daiki Ueno's message of "Wed, 09
 Oct 2013 12:53:14 +0900")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.3 (/)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.3 (/)

>>> It used to work like that with gpg1.  However, gpg2's implementation
>>> choice is that it does not leak the indication that gpg2 (actually
>>> gpg-agent) requires passphrase and it does not allow other tools than
>>> pinentry to inject passphrase.
>> IOW epa-file-cache-passphrase-for-symmetric-encryption only works for
>> gpg1 and not for gpg2?
> s/works/has no effect/

Same difference.  The docstring should prominently say that this var
doesn't work with gpg2 because gpg2 does not let Emacs cache the
passphrase (IIUC we can't make this var effective without changes in
gpg2).

> I didn't get the question correctly, then.
> Look at the matrix of (info "(epa) Caching Passphrases"), check when a
> user is suggested to "set up elisp passphrase cache".

That repeats the fact that symmetric encryption is handled differently
but still doesn't help me understand why.


        Stefan




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Daiki Ueno <ueno@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Thu, 10 Oct 2013 03:09:02 +0000
Resent-Message-ID: <handler.15552.B15552.138137452718592@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: Stefan Monnier <monnier@iro.umontreal.ca>
Cc: tzz@lifelogs.com, 15552@debbugs.gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.138137452718592
          (code B ref 15552); Thu, 10 Oct 2013 03:09:02 +0000
Received: (at 15552) by debbugs.gnu.org; 10 Oct 2013 03:08:47 +0000
Received: from localhost ([127.0.0.1]:39217 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VU6cI-0004pn-7n
	for submit@debbugs.gnu.org; Wed, 09 Oct 2013 23:08:46 -0400
Received: from fencepost.gnu.org ([208.118.235.10]:36593)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <ueno@gnu.org>) id 1VU6cG-0004pe-9j
 for 15552@debbugs.gnu.org; Wed, 09 Oct 2013 23:08:44 -0400
Received: from du-a.org ([2001:e41:db5e:fb14::1]:38651
 helo=localhost.localdomain)
 by fencepost.gnu.org with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <ueno@gnu.org>)
 id 1VU6cF-0000Oq-9x; Wed, 09 Oct 2013 23:08:43 -0400
Message-ID: <m3eh7t3jrc.fsf-ueno@gnu.org>
From: Daiki Ueno <ueno@gnu.org>
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
 <87hacsutvp.fsf-ueno@gnu.org>
 <jwveh7v1ysh.fsf-monnier+emacsbugs@gnu.org>
 <87fvsbctxe.fsf-ueno@gnu.org>
 <jwvwqlni22h.fsf-monnier+emacsbugs@gnu.org>
 <m3fvsb6qxh.fsf-ueno@gnu.org>
 <jwvr4buzktz.fsf-monnier+emacsbugs@gnu.org>
Date: Thu, 10 Oct 2013 12:08:39 +0900
In-Reply-To: <jwvr4buzktz.fsf-monnier+emacsbugs@gnu.org> (Stefan Monnier's
 message of "Wed, 09 Oct 2013 08:40:34 -0400")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -5.2 (-----)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.2 (-----)

Stefan Monnier <monnier@iro.umontreal.ca> writes:

> The docstring should prominently say that this var doesn't work with
> gpg2 because gpg2 does not let Emacs cache the passphrase (IIUC we
> can't make this var effective without changes in gpg2).

OK, I'll add it, though I'd also like to add a note saying that setting
this variable for gpg2 is kind of nonsense.

>> I didn't get the question correctly, then.  Look at the matrix of
>> (info "(epa) Caching Passphrases"), check when a user is suggested to
>> "set up elisp passphrase cache".
>
> That repeats the fact that symmetric encryption is handled differently
> but still doesn't help me understand why.

Because passphrase caching feature for symmetric encryption is rather
new and not supported by gpg1 (yet).




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
In-Reply-To: <87r4bx0xsk.fsf@flea.lifelogs.com>
Resent-From: Ted Zlatanov <tzz@lifelogs.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Thu, 10 Oct 2013 13:26:02 +0000
Resent-Message-ID: <handler.15552.B.138141154221146@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: 15552@debbugs.gnu.org
X-Debbugs-Original-To: bug-gnu-emacs@gnu.org
Reply-To: bug-gnu-emacs@gnu.org
Received: via spool by submit@debbugs.gnu.org id=B.138141154221146
          (code B ref -1); Thu, 10 Oct 2013 13:26:02 +0000
Received: (at submit) by debbugs.gnu.org; 10 Oct 2013 13:25:42 +0000
Received: from localhost ([127.0.0.1]:40102 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VUGFG-0005Uw-Es
	for submit@debbugs.gnu.org; Thu, 10 Oct 2013 09:25:39 -0400
Received: from eggs.gnu.org ([208.118.235.92]:43186)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <geb-bug-gnu-emacs@m.gmane.org>) id 1VUGF3-0005Uc-8Q
 for submit@debbugs.gnu.org; Thu, 10 Oct 2013 09:25:26 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <geb-bug-gnu-emacs@m.gmane.org>) id 1VUGEx-0001IY-Gy
 for submit@debbugs.gnu.org; Thu, 10 Oct 2013 09:25:25 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=disabled
 version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:55362)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <geb-bug-gnu-emacs@m.gmane.org>) id 1VUGEx-0001IU-Dm
 for submit@debbugs.gnu.org; Thu, 10 Oct 2013 09:25:19 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:44843)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <geb-bug-gnu-emacs@m.gmane.org>) id 1VUGEs-0002Sq-9s
 for bug-gnu-emacs@gnu.org; Thu, 10 Oct 2013 09:25:19 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <geb-bug-gnu-emacs@m.gmane.org>) id 1VUGEn-0001Fi-6g
 for bug-gnu-emacs@gnu.org; Thu, 10 Oct 2013 09:25:14 -0400
Received: from plane.gmane.org ([80.91.229.3]:36663)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <geb-bug-gnu-emacs@m.gmane.org>) id 1VUGEn-0001EH-0w
 for bug-gnu-emacs@gnu.org; Thu, 10 Oct 2013 09:25:09 -0400
Received: from list by plane.gmane.org with local (Exim 4.69)
 (envelope-from <geb-bug-gnu-emacs@m.gmane.org>) id 1VUGEk-0001jj-HD
 for bug-gnu-emacs@gnu.org; Thu, 10 Oct 2013 15:25:06 +0200
Received: from c-98-229-61-72.hsd1.ma.comcast.net ([98.229.61.72])
 by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
 id 1AlnuQ-0007hv-00
 for <bug-gnu-emacs@gnu.org>; Thu, 10 Oct 2013 15:25:06 +0200
Received: from tzz by c-98-229-61-72.hsd1.ma.comcast.net with local (Gmexim
 0.1 (Debian)) id 1AlnuQ-0007hv-00
 for <bug-gnu-emacs@gnu.org>; Thu, 10 Oct 2013 15:25:06 +0200
X-Injected-Via-Gmane: http://gmane.org/
Mail-Followup-To: bug-gnu-emacs@gnu.org
From: Ted Zlatanov <tzz@lifelogs.com>
Date: Thu, 10 Oct 2013 09:25:07 -0400
Organization: =?UTF-8?Q?=D0=A2=D0=B5=D0=BE=D0=B4=D0=BE=D1=80_?= =?UTF-8?Q?=D0=97=D0=BB=D0=B0=D1=82=D0=B0=D0=BD=D0=BE=D0=B2?= @ Cienfuegos
Lines: 16
Message-ID: <87pprds1fw.fsf@flea.lifelogs.com>
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
 <87hacsutvp.fsf-ueno@gnu.org>
 <jwveh7v1ysh.fsf-monnier+emacsbugs@gnu.org>
 <87fvsbctxe.fsf-ueno@gnu.org>
 <jwvwqlni22h.fsf-monnier+emacsbugs@gnu.org>
 <m3fvsb6qxh.fsf-ueno@gnu.org>
 <jwvr4buzktz.fsf-monnier+emacsbugs@gnu.org>
 <m3eh7t3jrc.fsf-ueno@gnu.org>
Mime-Version: 1.0
Content-Type: text/plain
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: c-98-229-61-72.hsd1.ma.comcast.net
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
 d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
 D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
Mail-Copies-To: never
User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux)
Cancel-Lock: sha1:bgigwRy4VFpExOtP9+NI2+2j53w=
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
 recognized.
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -4.1 (----)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -4.1 (----)

On Thu, 10 Oct 2013 12:08:39 +0900 Daiki Ueno <ueno@gnu.org> wrote: 

DU> Stefan Monnier <monnier@iro.umontreal.ca> writes:
>> The docstring should prominently say that this var doesn't work with
>> gpg2 because gpg2 does not let Emacs cache the passphrase (IIUC we
>> can't make this var effective without changes in gpg2).

DU> OK, I'll add it, though I'd also like to add a note saying that setting
DU> this variable for gpg2 is kind of nonsense.

As the user, I want a single setting across all my systems, so I don't
know in advance if gpg1, gpg2, or both will be installed.  I could add
an explicit version check in my init file, but maybe epg.el could issue
a warning if it detects that situation, just to be helpful?

Ted





From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Stefan Monnier <monnier@IRO.UMontreal.CA>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Thu, 10 Oct 2013 14:32:02 +0000
Resent-Message-ID: <handler.15552.B.138141548928279@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: 15552@debbugs.gnu.org
X-Debbugs-Original-To: bug-gnu-emacs@gnu.org
Received: via spool by submit@debbugs.gnu.org id=B.138141548928279
          (code B ref -1); Thu, 10 Oct 2013 14:32:02 +0000
Received: (at submit) by debbugs.gnu.org; 10 Oct 2013 14:31:29 +0000
Received: from localhost ([127.0.0.1]:40873 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VUHGz-0007M3-6X
	for submit@debbugs.gnu.org; Thu, 10 Oct 2013 10:31:29 -0400
Received: from eggs.gnu.org ([208.118.235.92]:41783)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <monnier@iro.umontreal.ca>) id 1VUHGy-0007Lu-CF
 for submit@debbugs.gnu.org; Thu, 10 Oct 2013 10:31:28 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <monnier@iro.umontreal.ca>) id 1VUHGo-0002kF-PL
 for submit@debbugs.gnu.org; Thu, 10 Oct 2013 10:31:28 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled
 version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:34411)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <monnier@iro.umontreal.ca>) id 1VUHGo-0002kB-M5
 for submit@debbugs.gnu.org; Thu, 10 Oct 2013 10:31:18 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:43460)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <monnier@iro.umontreal.ca>) id 1VUHGh-0004IK-1J
 for bug-gnu-emacs@gnu.org; Thu, 10 Oct 2013 10:31:18 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <monnier@iro.umontreal.ca>) id 1VUHGZ-0002cS-Nt
 for bug-gnu-emacs@gnu.org; Thu, 10 Oct 2013 10:31:10 -0400
Received: from pruche.dit.umontreal.ca ([132.204.246.22]:50825)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <monnier@iro.umontreal.ca>) id 1VUHGZ-0002at-IQ
 for bug-gnu-emacs@gnu.org; Thu, 10 Oct 2013 10:31:03 -0400
Received: from faina.iro.umontreal.ca (lechon.iro.umontreal.ca
 [132.204.27.242])
 by pruche.dit.umontreal.ca (8.14.1/8.14.1) with ESMTP id r9AEV2f4013111;
 Thu, 10 Oct 2013 10:31:02 -0400
Received: by faina.iro.umontreal.ca (Postfix, from userid 20848)
 id 226A1B4149; Thu, 10 Oct 2013 10:31:02 -0400 (EDT)
From: Stefan Monnier <monnier@IRO.UMontreal.CA>
Message-ID: <jwvvc159p3j.fsf-monnier+emacsbugs@gnu.org>
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
 <87hacsutvp.fsf-ueno@gnu.org>
 <jwveh7v1ysh.fsf-monnier+emacsbugs@gnu.org>
 <87fvsbctxe.fsf-ueno@gnu.org>
 <jwvwqlni22h.fsf-monnier+emacsbugs@gnu.org>
 <m3fvsb6qxh.fsf-ueno@gnu.org>
 <jwvr4buzktz.fsf-monnier+emacsbugs@gnu.org>
 <m3eh7t3jrc.fsf-ueno@gnu.org> <87pprds1fw.fsf@flea.lifelogs.com>
Date: Thu, 10 Oct 2013 10:31:02 -0400
In-Reply-To: <87pprds1fw.fsf@flea.lifelogs.com> (Ted Zlatanov's message of
 "Thu, 10 Oct 2013 09:25:07 -0400")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-NAI-Spam-Flag: NO
X-NAI-Spam-Threshold: 5
X-NAI-Spam-Score: 0
X-NAI-Spam-Rules: 1 Rules triggered
	RV4727=0
X-NAI-Spam-Version: 2.3.0.9362 : core <4727> : inlines <138> : streams
 <1053492> : uri <1561335>
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
 recognized.
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -4.0 (----)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -4.0 (----)

>>> The docstring should prominently say that this var doesn't work with
>>> gpg2 because gpg2 does not let Emacs cache the passphrase (IIUC we
>>> can't make this var effective without changes in gpg2).
DU> OK, I'll add it, though I'd also like to add a note saying that setting
DU> this variable for gpg2 is kind of nonsense.
> As the user, I want a single setting across all my systems, so I don't
> know in advance if gpg1, gpg2, or both will be installed.  I could add
> an explicit version check in my init file, but maybe epg.el could issue
> a warning if it detects that situation, just to be helpful?

IIUC, for gpg2 this var has no effect whatsoever, so if you want
password caching you need to setup gpg-agent: nothing Emacs can do
about it.

So the "single setting" is: set this var (for those systems that use
gpg1) and setup gpg-agent (on those systems that have gpg2).


        Stefan




From unknown Sun Jun 22 17:15:27 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#15552: 24.3.50; epa-file-cache-passphrase-for-symmetric-encryption not respected with GnuPG 2.x
Resent-From: Stefan Monnier <monnier@IRO.UMontreal.CA>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-gnu-emacs@gnu.org
Resent-Date: Thu, 10 Oct 2013 14:33:01 +0000
Resent-Message-ID: <handler.15552.B15552.138141555928399@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 15552
X-GNU-PR-Package: emacs
X-GNU-PR-Keywords: notabug
To: Daiki Ueno <ueno@gnu.org>
Cc: tzz@lifelogs.com, 15552@debbugs.gnu.org
Received: via spool by 15552-submit@debbugs.gnu.org id=B15552.138141555928399
          (code B ref 15552); Thu, 10 Oct 2013 14:33:01 +0000
Received: (at 15552) by debbugs.gnu.org; 10 Oct 2013 14:32:39 +0000
Received: from localhost ([127.0.0.1]:40879 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VUHI6-0007Ny-Pn
	for submit@debbugs.gnu.org; Thu, 10 Oct 2013 10:32:39 -0400
Received: from chene.dit.umontreal.ca ([132.204.246.20]:56779)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <monnier@iro.umontreal.ca>) id 1VUHI5-0007Nr-CS
 for 15552@debbugs.gnu.org; Thu, 10 Oct 2013 10:32:37 -0400
Received: from faina.iro.umontreal.ca (lechon.iro.umontreal.ca
 [132.204.27.242])
 by chene.dit.umontreal.ca (8.14.1/8.14.1) with ESMTP id r9AEWaTs022003;
 Thu, 10 Oct 2013 10:32:36 -0400
Received: by faina.iro.umontreal.ca (Postfix, from userid 20848)
 id AB3D8B4149; Thu, 10 Oct 2013 10:32:36 -0400 (EDT)
From: Stefan Monnier <monnier@IRO.UMontreal.CA>
Message-ID: <jwvpprd9p00.fsf-monnier+emacsbugs@gnu.org>
References: <87r4bx0xsk.fsf@flea.lifelogs.com>
 <87fvscwswx.fsf-ueno-ueno@gnu.org>
 <jwvy5644fsl.fsf-monnier+emacsbugs@gnu.org>
 <87hacsutvp.fsf-ueno@gnu.org>
 <jwveh7v1ysh.fsf-monnier+emacsbugs@gnu.org>
 <87fvsbctxe.fsf-ueno@gnu.org>
 <jwvwqlni22h.fsf-monnier+emacsbugs@gnu.org>
 <m3fvsb6qxh.fsf-ueno@gnu.org>
 <jwvr4buzktz.fsf-monnier+emacsbugs@gnu.org>
 <m3eh7t3jrc.fsf-ueno@gnu.org>
Date: Thu, 10 Oct 2013 10:32:36 -0400
In-Reply-To: <m3eh7t3jrc.fsf-ueno@gnu.org> (Daiki Ueno's message of "Thu, 10
 Oct 2013 12:08:39 +0900")
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-NAI-Spam-Flag: NO
X-NAI-Spam-Threshold: 5
X-NAI-Spam-Score: 0
X-NAI-Spam-Rules: 1 Rules triggered
	RV4727=0
X-NAI-Spam-Version: 2.3.0.9362 : core <4727> : inlines <138> : streams
 <1053493> : uri <1561336>
X-Spam-Score: -1.5 (-)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.5 (-)

>> That repeats the fact that symmetric encryption is handled differently
>> but still doesn't help me understand why.
> Because passphrase caching feature for symmetric encryption is rather
> new and not supported by gpg1 (yet).

Ah?  I wonder why, but at least that does explain why epg handles
it specially.


        Stefan