This issue of encrypting passwords on disk also garners a section of upstream's FAQ, indicating a probable wontfix status on their part:
http://www.centerim.org/index.php/Frequently_Asked_Questions#What_about_encrypted_password_storage_in_config.3F Much like your argument that masking in the UI gives a false sense of security when the passwords aren't encrypted on disk, they seem to feel that encrypting on disk gives a false sense of security when the application needs to have access to and (in many cases) transmit plaintext passwords for these services over the Internet anyway. Both arguments have merit, but perhaps upstream hasn't considered the possibility of their client running on systems which are configured for remote backups of /home... -- { IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657); SMTP(fu...@yuggoth.org); IRC(fu...@irc.yuggoth.org#ccl); ICQ(114362511); AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fu...@yuggoth.org); MUD(fu...@katarsis.mudpy.org:6669); WWW(http://fungi.yuggoth.org/); } -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
