Tim Rowledge wrote:

>Daniel Vainsencher <danielv at netvision.net.il> wrote:
>
>  
>
>>SMTPClient. Anybody have any ideas about whether MailSender should
>>remember passwords? this could easily remain in an image you send
>>someone...
>>    
>>
>Ifit's going to remember passwords it should be in a file (encrypted
>with one of the many encryption packages we have available) and the
>image should forget it during the shutdown phase. The mailsender can
>check for a password, check for the file if none exists and ask the user
>if no file exists.
>
>tim
>--
>Tim Rowledge, tim at sumeru.stanford.edu, http://sumeru.stanford.edu/tim
>Useful random insult:- Her modem lights are on but there's no carrier.
>

How about implementing a key ring for storing all sorts of userids, 
passwords, crypto keys, etc?  A key ring can exist in two states: normal 
and encrypted serialized.  If an attempt is made to access an 
encrypted/serialized key ring, an exception would prompt the user for a 
decryption key that when supplied would be used to decrypt the 
serialized key ring and if successful would then reconstruct the key 
ring objects from decrypted bytes.  Then the original message could be 
performed on the key ring. 

When the image is snapshotted (or whenever the user requests), all key 
ring objects in the image could be serialized and encrypted and a become 
operation could swap out all the key ring objects for their encrypted 
serialized forms.  Thus, an image saved on disk would never contain 
unencrypted key ring objects.  An extension to this could be to 
externalize all the encrypted serialized key rings to a file that goes 
with an image...you would then have:

    Squeak.image
    Squeak.changes
    Squeak.keyrings


On snapshot, all keyrings are serialized, encrypted, and dumped out to 
the keyrings file and the image is purged of any keyrings.  Only a stub 
object that attempts to load the set of keyrings from the keyrings file 
is left in the image.

- Stephen