The loopback pinentry
Bjarni Runar Einarsson
bre at pagekite.net
Wed Apr 20 18:27:47 CEST 2016
-----BEGIN PGP SIGNED MESSAGE-----
Werner Koch <wk at gnupg.org> wrote:
> I propose to make --allow-loopback-pinentry the default and add
> an option --no-allow-loopback-pinentry, so that it is possible
> to disallow the use of the loopback pinentry. This is a simple
> change but some advanced use cases of GnuPG would benefit from
> this (e.g. Mailpile).
This would be fantastic; unstoppable pinentry is the largest
single road-block that prevents Mailpile from working well with
GnuPG 2.0 and up.
All of the solutions we currently have on the table involve
creating a custom gpg.conf for Mailpile or *editing* the user's
gpg.conf to add the settings we need; neither of which are good
solutions in our opinion.
I would also like to point out that for users with gnupg 1.4
installed, changing this default is in no way reducing security -
the desired behaviour is already available by falling back to
gnupg 1.4 (as Mailpile currently does). Making automation easier
(as Werner is suggesting here) is IMO key to making gpg 1.4
eventually go away.
Thanks for looking at this, Werner.
All the best,
PageKite.net lets your personal computer be part of the web.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
More information about the Gnupg-devel