Import of key from PGP secret keyring
Thu Feb 21 11:32:01 2002
-----BEGIN PGP SIGNED MESSAGE-----
As the tutorial said version 1.0.6 correctly support importing keys
protected by password... but it's happened something I
think is *very bad*.
The imported is protected frmo key indeed... but not the actual key, but
the key with which i created the PGP key!!!
Some years ago I thought that key to be too much insecure and I changed
pwd of my secret key with a new, longer, key... and
when I found out that the imported GPG key actually used the *old* key
my mouth hanged open... this means that, while PGP
asks me for the new password, all my secret key can be obtained using
only my old (and less secure) password...
Is that normal? I think not... 0_o
(please CC me as I'm not subscribed)
Lapo 'Raist' Luchini
email@example.com (PGP & X.509 keys available)
http://www.lapo.it (ICQ UIN: 529796)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (MingW32)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----