Sat Feb 17 19:43:00 2001
Stefan Bellon wrote:
> I think it would be a nice addition if GnuPG asked for your passphrase
> when exporting the secret key with --export-secret-key. I know that it
> is not necessary, but it would make it safer against misuse as the key
> couldn't be extracted unattended, ... IYSWIM.
That's quite useless. The key is, also if extracted, still
password-protected, and if someone gets your secring this password
protection is all there is. If you want to remove the password from
the key you need to give it anyway because is is needed for decryption.
Besides, it can easily be circumvented by using a hacked version of gpg.
This sounds like security by obscurity, generally a bad idea and for an
open-source program totally useless.
ir. J.C.A. Wevers // Physics and science fiction site:
firstname.lastname@example.org // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html