external keystore option?
wk at gnupg.org
Thu May 11 13:50:53 CEST 2000
On Thu, 11 May 2000, Mikolaj J. Habryn wrote:
> Hmm, okay. Failing that, my intent was to gin up a simple text based
> protocol to run over Unix sockets, with operations like
> DECRYPT ( list of valid keys ) cyphertext
> I presume here that gpg will know what keys can decrypt a message
> (by fingerprint? id? full public key? How are they identified in the
> message?), but won't know which ones are available.
The needed key is identified by the 64 bit KeyID. There is an option
for a wildcard KeyID in which case gpg tries each available secret
key in turn.
> ENCRYPT key plaintext
> Which does the obvious thing. Would this cover the gamut of what gpg
> does with private keys? I am also presuming that the keystore would
You don't need the secret key for encryption - I guess you are
thinking of signing a message.
Such an agent should take care of all operations where the secret key
is involved and leve all other crypto operations to normal program.
The goal of such a agent should be to better protect the secret key.
Werner Koch OpenPGP key 621CC013
OpenIT GmbH tel +49 211 239577-0
Birkenstr. 12 email wk at OpenIT.de
D-40233 Duesseldorf http://www.OpenIT.de
More information about the Gnupg-devel