X-Git-Url: http://git.chise.org/gitweb/?a=blobdiff_plain;f=README;h=b438bd3330e83010f5e01ce59e33527d0b1ba665;hb=359180decf50389e8a5313a3fb04c88a6a93f69e;hp=610523f68d58f07c8cf9b8b4375e96744ae04734;hpb=1d37660108569a43f5a2b59616b0e2b06018aa62;p=elisp%2Fepg.git

diff --git a/README b/README
index 610523f..b438bd3 100644
--- a/README
+++ b/README
@@ -42,13 +42,16 @@ subprocess.
 
 ** `(fillarray string 0)' is not enough to clear passphrases
 
-If Emacs crashes and dumps core, passphrase strings in memory are also
+If Emacs crashes and dumps core, Lisp strings in memory are also
 dumped within the core file.  `read-passwd' function clears passphrase
 strings by `(fillarray string 0)'.  However, Emacs performs compaction
 in gc_sweep phase.  If GC happens before `fillarray', passphrase
-strings may be moved elsewhere in memory.
+strings may be moved elsewhere in memory.  Therefore, passphrase
+caching in Elisp is generally a bad idea.  The EasyPG Library dares to
+disable passphrase caching.
 
-Fortunately, there is gpg-agent to cache passphrases in more secure
-way, so the EasyPG Library dares to disable passphrase caching.  Elisp
-programs can set `epg-context-passphrase-callback' to cache user's
-passphrases.
+Fortunately, there is more secure way to cache passphrases - use
+gpg-agent.
+
+Elisp programs can set `epg-context-passphrase-callback' to cache
+user's passphrases, it is not recommended though.