[imp] imp 2.3.x vs TWIG

Anil Madhavapeddy anil@recoil.org
Sun, 28 Jan 2001 01:40:10 +0000


Quoting Rich Lafferty <rich@horde.org>:

> I suppose you could encrypt the database passwords with the Horde
> password. I'm sure there's an attack on that, but it's not coming to
> mind immediately.

Or, encrypt the other IMAP passwords with one of them; the one that the
user has to enter.  There shouldn't be any easy attacks on that, since 
one key has to be re-entered by the user and isn't stored anywhere.

> I've a suspicion that it'll end up better to store them plaintext, on
> the assumption that anyone that gets in to read them could also obtain
> the information they'd need to decrypt them.

I dunno; even trivial encryption is often enough to scare off casual
attackers.

> In case it wasn't clear before, I don't think it's a bad idea, I just
> think it's something we should make people explicitly enable, rather
> than working like that out of the box. I *like* the idea, and it's
> probably preferable to the alternative, which is for users to store
> their passwords for local POP servers with some entity out of local
> control like Hotmail.

Something like a proxy would have to be run specifically, and wouldn't
actually be a part of IMP as such.  It would be a separate component that
exposes a single IMAP source to whatever client asks; IMP being one of
them.

One of the _extremely_ useful features it could provide to IMP would be
the persistent connections, to avoid reauthentication on every URL
request.  If IMP simply reconnects to the proxy on every request, the proxy
would just reassign the connection back to it (presumably in OF_HALFOPEN
mode).

-- 
Anil Madhavapeddy, <anil@recoil.org>
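
The scheme suggested in the message above (encrypt the stored passwords for the other accounts under a key derived from the one password the user re-enters at login), as an added example that is not part of the original post and not IMP or Horde code. The function names, record layout, PBKDF2 work factor and sample values are assumptions; it needs PHP 7.1+ with the OpenSSL extension.

```php
<?php
// Added example: all names, parameters and sample values are hypothetical.
const KDF_ITERATIONS = 600000;    // assumed work factor; tune for the host
const CIPHER = 'aes-256-gcm';

// Derive a 256-bit key from the password the user types at login.
// Only the salt is stored; the login password and the key never are.
function derive_key(string $loginPassword, string $salt): string
{
    return hash_pbkdf2('sha256', $loginPassword, $salt, KDF_ITERATIONS, 32, true);
}

// Encrypt one secondary-account password. $account is bound as AAD so a
// stored record cannot be moved to another account's row undetected.
function seal_password(string $loginPassword, string $account, string $secret): string
{
    $salt = random_bytes(16);
    $iv   = random_bytes(12);
    $tag  = '';
    $ct = openssl_encrypt($secret, CIPHER, derive_key($loginPassword, $salt),
                          OPENSSL_RAW_DATA, $iv, $tag, $account);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($salt . $iv . $tag . $ct);   // value to store
}

// Returns the plaintext, or null when the login password is wrong or the
// stored record was truncated or altered.
function open_password(string $loginPassword, string $account, string $record): ?string
{
    $raw = base64_decode($record, true);
    if ($raw === false || strlen($raw) <= 44) {   // 16 salt + 12 IV + 16 tag
        return null;
    }
    $salt = substr($raw, 0, 16);
    $iv   = substr($raw, 16, 12);
    $tag  = substr($raw, 28, 16);
    $pt = openssl_decrypt(substr($raw, 44), CIPHER, derive_key($loginPassword, $salt),
                          OPENSSL_RAW_DATA, $iv, $tag, $account);
    return $pt === false ? null : $pt;
}

// Constructed sample values: one round trip, then a wrong login password.
$record = seal_password('typed-at-login', 'pop.example.net/alice', 'secondary-secret');
var_dump(open_password('typed-at-login', 'pop.example.net/alice', $record));
var_dump(open_password('wrong-guess', 'pop.example.net/alice', $record));
```

This covers a copied database at rest; the derived key still has to exist in memory (or session state) while the user is logged in, which is the exposure the quoted reply is pointing at.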