How to decide which private key to use?
Neil Williams
linux at codehelp.co.uk
Tue Dec 7 01:10:31 CET 2004
On Saturday 04 December 2004 6:31 pm, Ramon F Herrera wrote:
> I am using the GPGme library to write a program that
> will decrypt files. The files to be decrypted are
> encrypted with exactly one out of of three keys.
If one machine is decrypting all messages, why not have one passphrase for all
three keys?
Why use three keys? The machine running the program has to be secure -
otherwise you are exposing three keys to compromise instead of just one.
Any time you store passphrases for an automated process, it's as bad as having
no passphrase at all. Anyone who gains access to the machine can locate the
stored passphrase and the secret key file.
You wouldn't put a file 'root-password.txt' in your user directory.
--
Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20041207/293b3963/attachment-0001.bin
More information about the Gnupg-users
mailing list