The loopback pinentry

Daiki Ueno ueno at gnu.org
Thu Jun 9 11:16:46 CEST 2016


Werner Koch <wk at gnupg.org> writes:

> Before someone asks: The --allow-emacs-pinentry option should be kept
> because that new emacs mode has actual security implications and should
> thus not be enabled by default.  I also consider that Emacs users can be
> expected to enter M-x f ~/.gnupg/gpg-agent.conf ;-)

If the loopback pinentry evolves into a general-purpose mechanism, I would
rather suggest removing the Emacs-specific stuff entirely.  The
rationale is:

- The immediate motivation behind the Emacs pinentry was that the
  loopback pinentry had some limitations when used as a replacement for
  gpg1's passphrase prompt, e.g. [1], which was fixed a while ago.

- Debian seems unlikely to build in the Emacs mode with Pinentry[2].
  That means adding another (non-working) configuration vector, and
  upstream Emacs cannot rely on that feature[3].

What do you think?  Is there really anything that can be done better
with the Emacs pinentry than with the loopback pinentry?

If you agree, I can take care of the removal.

Thanks,

Footnotes: 
[1]  https://bugs.gnupg.org/gnupg/issue1976

[2]  https://bugs.gnupg.org/gnupg/issue2034

[3]  http://git.savannah.gnu.org/cgit/emacs.git/tree/lisp/epg.el#n607

-- 
Daiki Ueno





