On Thu, Sep 8, 2011 at 9:17 AM, Michael J Gruber <git@xxxxxxxxxxxxxxxxxxxx> wrote: [snip] > It would be interesting to know what we can rely on in the user group > you're thinking about (which I called ssh-challenged). Setting up ssh > keys is too complicated. Can we require a working gpg setup? They do > want to check sigs, don't they? I don't think you can require a working gpg setup (at least for not addressing the ssh-challenged group). [snip] > Or that in C, probably using Junio's gpg-lib. That would be secure and > useful *if* we can rely on people having a convenient gpg setup > (gpg-agent or such). > > So: What credential store/password wallet/etc. can we rely on for this > group? Is gpg fair game? I think there probably need to be providers for using Keychain under the Mac, gnome-keyring and kwallet under Linux, and probably something using the wincrypt API under Windows. I don't think there's a one-store-fits-all solution here, unfortunately. :-( I'm actually tempted try and work on a couple of those myself. -John -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html