
Re: [Monotone-devel] Keystore usability -- passphraseless keys, etc.


From: Ralf S. Engelschall
Subject: Re: [Monotone-devel] Keystore usability -- passphraseless keys, etc.
Date: Tue, 20 Feb 2007 10:27:24 +0100
User-agent: Mutt/1.5.13 OpenPKG/CURRENT (2006-08-11)

On Tue, Feb 20, 2007, Markus Schiltknecht wrote:

> Ralf S. Engelschall wrote:
> >I think the tags should be even part of the file *content* as the file
> >content is usually copy & pasted around between application windows.
> >Currently the content reads...
>
> Those people would most likely also see the filename. OTOH, people
> simply attaching the file to an email would *not* see the file contents.
> Thus putting that information into the filename seems more sensible to me.

Yes, of course. That's why I think it is best to _combine_ both
approaches. Put the information both into the content _AND_ the
filename.

> What I'm somewhat concerned about, is that the filenames get really long
> and include commas (which breaks certain, not-so-clever applications).
> Is there a good reason for doing it that way and not split into
> directories. Something like that:
>
>  - .monotone/keys/                    # all my public keys
>  - .monotone/keys/private/            # all my private keys
>  - .monotone/keys/private/no-passphrase/   # obvious...
>
> This would also allow us to set proper read/write permissions per
> directory, instead of having to set that for every file...

This doesn't play nice with your above "attaching the file to an email"
and "putting that information into the filename" wishes. Because
when you append "~/.monotone/keys/private/no-passphrase/<user>" to
an email with MIME you end up with a MIME header of just something
like 'Content-Disposition: attachment; filename="<user>"'. So, here
Nathaniel's suggestion of encoding the stuff into the filename works a
little bit better. But I agree: commas and other stuff in filenames both
look strange and might cause trouble when it comes to cross-platform
scenarios.

So, I think my last mentioned SSH-style suggestion IMHO comes closest to
all the already stated wishes:

# ~/.monotone/keys/<user>.pub:
| [publickey <user>]
| <base64-publickey>
| [end]

# ~/.monotone/keys/<user>.prv:
| [privatekey,no-passphrase <user>]
| <base64-privatekey>
| [end]

This way one can see the type from the content and even when appending
the stuff to Emails one has at least the filename extension which
indicates (at least to some extent) what it is.

Well, and most notably: this follows the ".pub"-style people have already
been used to for years from SSH and similar applications. Because IMHO,
independent of what approach Monotone goes with, it is recommended for maximum
usability to not invent something completely new here -- except perhaps
we have a _major_ reason to do it completely differently. Aligning to
existing applications and this way leveraging the fact that people
are already used to something is certainly not the worst...

                                       Ralf S. Engelschall
                                       address@hidden
                                       www.engelschall.com
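
Added example, not part of the original message and not Monotone code: a small Python check for the key-file layout proposed above, which parses the bracketed header, verifies that the filename extension and name agree with the content, and flags private keys tagged `no-passphrase`. The function names, the sample user `alice@example.org` and the base64 body are assumptions constructed for illustration.

```python
import base64
import re
from pathlib import PurePosixPath

# Header line of the proposed layout: "[tag[,tag...] <user>]".
HEADER = re.compile(r"^\[([a-z-]+(?:,[a-z-]+)*) (\S+)\]$")
# Extension expected for each key type, per the proposal (.pub / .prv).
EXT_FOR_TYPE = {"publickey": ".pub", "privatekey": ".prv"}


def parse_key_file(text):
    """Parse one key packet; return (key_type, flags, user, key_bytes)."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or lines[-1] != "[end]":
        raise ValueError("missing [end] trailer")
    m = HEADER.match(lines[0])
    if not m:
        raise ValueError("malformed header line")
    key_type, *flags = m.group(1).split(",")
    if key_type not in EXT_FOR_TYPE:
        raise ValueError(f"unknown key type {key_type!r}")
    # validate=True rejects stray non-base64 characters from copy and paste.
    key = base64.b64decode("".join(lines[1:-1]), validate=True)
    return key_type, set(flags), m.group(2), key


def check_key_file(filename, text):
    """Return warnings where filename and content disagree or the key is risky."""
    key_type, flags, user, _ = parse_key_file(text)
    path = PurePosixPath(filename)
    warnings = []
    if path.suffix != EXT_FOR_TYPE[key_type]:
        warnings.append(f"extension {path.suffix!r} does not match [{key_type}]")
    if path.stem != user:
        warnings.append(f"file is named for {path.stem!r} but key belongs to {user!r}")
    if key_type == "privatekey" and "no-passphrase" in flags:
        warnings.append("private key is stored without a passphrase")
    return warnings


# Constructed sample data; the base64 body is a placeholder, not a real key.
BODY = base64.b64encode(b"constructed-sample-key-bytes").decode()
PUB = f"[publickey alice@example.org]\n{BODY}\n[end]\n"
PRV = f"[privatekey,no-passphrase alice@example.org]\n{BODY}\n[end]\n"

if __name__ == "__main__":
    print(check_key_file("alice@example.org.pub", PUB))
    print(check_key_file("alice@example.org.pub", PRV))
```

Because the tag travels inside the content, the check still catches a passphraseless private key that was renamed to `.pub` or attached to an email under another name.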




