On Wed, Dec 01, 2010 at 06:29:06PM -0500, Dan Engel wrote:
> On Wed, 2010-12-01 at 14:08 +0100, Stefan Sperling wrote:
> > However, I still see a potential risk here because the name
> > "gpg-agent"
> > is very misleading. It violates the principle of least surprise.
> > How can we prevent users misunderstanding what "Subversion's gpg-agent
> > feature" does from entering their private pgp key passphrase (which
> > will
> > then be sent to the server)? Can we control the prompt printed by
> > gpg-agent? ("Enter your Subversion password, NOT your secret PGP
> > passphrase!")
>
>
> Yes, the agent protocol provides for customized prompts, and the patch
> itself refers to the Subversion repository server (or something like
> that) in that prompt.
If we can control the prompt, then let's just make the prompt
clear enough so that people who read it don't accidentally enter
their pgp passphrase. That will make the mistake much less likely.
If people don't read the prompt, well, then we cannot help them either.
Thanks for pointing out how gpg-agent really works.
Stefan
Received on 2010-12-02 21:33:47 CET