X-Git-Url: http://git.chise.org/gitweb/?a=blobdiff_plain;f=README;h=b438bd3330e83010f5e01ce59e33527d0b1ba665;hb=359180decf50389e8a5313a3fb04c88a6a93f69e;hp=fa82e7faf2b91c523ea32f840d864030a4911c32;hpb=b377ee62d13418bf93437799c39b55ddc87f4270;p=elisp%2Fepg.git

diff --git a/README b/README
index fa82e7f..b438bd3 100644
--- a/README
+++ b/README
@@ -24,7 +24,8 @@ Add the following line to your ~/.emacs
 
   (require 'epa-setup)
 
-Then you can do some cryptographic operations on dired.
+Then you can browse your keyring by M-x epa-list-keys.  In addition,
+you can do some cryptographic operations on dired.
 
   M-x dired
   (mark some files)
@@ -41,13 +42,16 @@ subprocess.
 
 ** `(fillarray string 0)' is not enough to clear passphrases
 
-If Emacs crashed and dumps core, passphrase strings in memory are also
+If Emacs crashes and dumps core, Lisp strings in memory are also
 dumped within the core file.  `read-passwd' function clears passphrase
 strings by `(fillarray string 0)'.  However, Emacs performs compaction
 in gc_sweep phase.  If GC happens before `fillarray', passphrase
-strings may be moved elsewhere in memory.
+strings may be moved elsewhere in memory.  Therefore, passphrase
+caching in Elisp is generally a bad idea.  The EasyPG Library dares to
+disable passphrase caching.
+
+Fortunately, there is more secure way to cache passphrases - use
+gpg-agent.
 
-Fortunately, there is gpg-agent to cache passphrases in more secure
-way, so the EasyPG Library dares *not* to cache passphrase by itself.
 Elisp programs can set `epg-context-passphrase-callback' to cache
-user's passphrases.
+user's passphrases, it is not recommended though.