Win32 passphrase proposal
John Goerzen
jgoerzen@complete.org
Wed Jul 25 18:31:01 2001
"Daryl Krauter" <dkrauter@getesuite.com> writes:

> How true, but it really is no different than storing it
> in some file and passing it via the commandline arg '--passphrase-fd'.

AFAIK nobody is seriously advocating using it for that. This is just
so that other programs can read the passphrase from the user and pass
it directly to gpg in a hopefully secure fashion.

> or PASSPHRASE (as the string itself).

The environment is insecure also.

> Perhaps a better scenario is for the passphrase to be stored in a 'mangled'
> state so it would not be as easily figured out.

Still gpg will have to have an automated way to figure it out from the
mangle. So if gpg can figure it out, so can anyone else. You have
gained nothing.

-- John
--
John Goerzen <jgoerzen@complete.org> www.complete.org
#include <std_disclaimer.h> GnuPG key 0x8A1D9A1F from www.complete.org/key
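
The hand-off discussed in this message, where a front-end reads the passphrase and gives it to gpg over a descriptor instead of the environment, as an added example that is not part of the original message. A small Python child stands in for gpg (an assumption; only the `--passphrase-fd` option name and the `PASSPHRASE` variable come from the thread), and the code relies on POSIX descriptor inheritance.

```python
import os
import subprocess
import sys

# Stand-in for gpg (assumption, not gpg itself): takes the secret either from
# the descriptor named by --passphrase-fd or from $PASSPHRASE, then reports
# whether that secret is visible in its own argv or environment.
CHILD = r"""
import os, sys
if '--passphrase-fd' in sys.argv:
    fd = int(sys.argv[sys.argv.index('--passphrase-fd') + 1])
    with os.fdopen(fd) as f:
        secret = f.readline().rstrip('\n')
else:
    secret = os.environ['PASSPHRASE']
in_argv = any(secret in a for a in sys.argv)
in_env = any(secret in v for v in os.environ.values())
print(len(secret), in_argv, in_env)
"""

def via_fd(passphrase):
    """Hand the passphrase to the child over an inherited pipe (POSIX)."""
    r, w = os.pipe()  # new descriptors are non-inheritable by default
    try:
        proc = subprocess.Popen(
            [sys.executable, "-c", CHILD, "--passphrase-fd", str(r)],
            pass_fds=(r,), stdout=subprocess.PIPE, text=True)
    finally:
        os.close(r)  # parent keeps only the write end
    with os.fdopen(w, "w") as wf:
        wf.write(passphrase + "\n")  # closing the write end gives the child EOF
    return proc.communicate()[0].split()

def via_env(passphrase):
    """Same child, but the secret rides in the environment block."""
    env = dict(os.environ, PASSPHRASE=passphrase)
    out = subprocess.run([sys.executable, "-c", CHILD], env=env,
                         stdout=subprocess.PIPE, text=True).stdout
    return out.split()

if __name__ == "__main__":
    sample = "constructed sample phrase"  # constructed value, not a real secret
    print("fd :", via_fd(sample))   # [length, in_argv, in_env]
    print("env:", via_env(sample))
```

In the descriptor case only the descriptor number appears on the child's command line; in the environment case the secret sits in the child's environment block for the life of the process.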