external keystore option?

Werner Koch wk at gnupg.org
Thu May 11 13:50:53 CEST 2000

On Thu, 11 May 2000, Mikolaj J. Habryn wrote:

>   Hmm, okay. Failing that, my intent was to gin up a simple text based 
> protocol to run over Unix sockets, with operations like


> DECRYPT ( list of valid keys ) cyphertext
>   I presume here that gpg will know what keys can decrypt a message
> (by fingerprint? id? full public key? How are they identified in the
> message?), but won't know which ones are available.

The needed key is identified by the 64 bit KeyID.  There is an option
for a wildcard KeyID in which case gpg tries each available secret
key in turn.

> ENCRYPT key plaintext
>   Which does the obvious thing. Would this cover the gamut of what gpg 
> does with private keys? I am also presuming that the keystore would

You don't need the secret key for encryption - I guess you are
thinking of signing a message.

Such an agent should take care of all operations where the secret key
is involved and leave all other crypto operations to the normal program.
The goal of such an agent should be to better protect the secret key.


Werner Koch				OpenPGP key 621CC013
OpenIT GmbH                             tel +49 211 239577-0
Birkenstr. 12                           email   wk at OpenIT.de
D-40233 Duesseldorf                     http://www.OpenIT.de
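
[Added example, not part of the original mail and not GnuPG code.] How an agent on the other end of such a socket could decide which secret keys to try: it reads the 64 bit KeyIDs from the public-key encrypted session key packets (tag 1, version 3, as laid out in the OpenPGP spec) at the front of a binary message and treats an all-zero KeyID as the wildcard. Function names and the sample bytes are constructed for illustration.

```python
WILDCARD = "0" * 16  # all-zero KeyID: recipient hidden, every secret key must be tried

def _length(data, i, hdr):
    """Return (body_length, body_offset) for a packet whose length field starts at i."""
    if hdr & 0x40:                        # new-format header
        first = data[i]
        if first < 192:
            return first, i + 1
        if first < 224:
            return ((first - 192) << 8) + data[i + 1] + 192, i + 2
        if first == 255:
            return int.from_bytes(data[i + 1:i + 5], "big"), i + 5
        raise ValueError("partial body length is not allowed on this packet type")
    ltype = hdr & 0x03                    # old-format header
    if ltype == 3:
        raise ValueError("indeterminate length not handled in this example")
    n = 1 << ltype                        # 1, 2 or 4 length octets
    return int.from_bytes(data[i:i + n], "big"), i + n

def recipient_keyids(data):
    """Return the KeyIDs of the leading tag 1 packets of a binary OpenPGP message."""
    ids, i = [], 0
    while i < len(data):
        hdr = data[i]
        if not hdr & 0x80:
            raise ValueError("bit 7 clear: not an OpenPGP packet header")
        tag = hdr & 0x3F if hdr & 0x40 else (hdr >> 2) & 0x0F
        if tag != 1:
            break                         # encrypted data follows; no more recipients
        length, body = _length(data, i + 1, hdr)
        # minimum body: version (1) + KeyID (8) + algorithm (1)
        if body + length > len(data) or length < 10 or data[body] != 3:
            raise ValueError("malformed or unsupported session key packet")
        ids.append(data[body + 1:body + 9].hex().upper())
        i = body + length
    return ids

def keys_to_try(keyids, available):
    """Secret keys the agent holds that match the message, in order, no duplicates."""
    out = []
    for kid in keyids:
        for k in (available if kid == WILDCARD else [kid] if kid in available else []):
            if k not in out:
                out.append(k)
    return out

def _pkesk(hdr, keyid_hex):               # constructed sample packet with a dummy MPI
    body = b"\x03" + bytes.fromhex(keyid_hex) + b"\x01\x00\x08\xaa"
    return bytes([hdr, len(body)]) + body

SAMPLE = _pkesk(0x84, "1122334455667788") + _pkesk(0xC1, WILDCARD) + b"\xd2"
```

An empty result from keys_to_try means the agent holds none of the named keys and the message carries no wildcard, so it can refuse without touching any secret key.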
