Suppressing passphrase prompt

David T-G davidtg-gnupg@justpickone.org
Sat Jun 22 20:26:02 2002


Leigh --

...and then Leigh S. Jones said...
%
% >Re: Suppressing passphrase prompt
% >David T-G writes:
% >
% >Hey, you experts on the list -- am I the only one who is astonished and
% >appalled at people putting their passphrases in code somewhere?  Am I
% >wrong and hard-coding is somehow safer than a guarded key?
%
% Well, I'm not one of those experts, but I also don't read "passphrases in
% code" into these questions.

Ahhh...  After reading your extrapolation below it becomes clear how that
might be the case.  Thanks much for the insight.


%
% I myself am a lover of Linux, but being compelled to use Windows NT and
% Win2K at work and having it available at home has made me sensitive to

I know what you mean.  It hurts so much! :-)


% the issues affecting the Windows users.

Fair enough.


%
% I use gpg at work, not for encryption, but for very real, honest-to-god
% nonrepudiation tasks.  And Windows is the forced environment.  Just by
% happenstance it's necessary for the secret key passphrase to be entered
% into the GUI a half an hour before the document being digitally signed is

There's the interesting bit.  I imagine that no amount of pipelining the
document being created (aside from the problems that would probably have
under Win ;-) to a gpg opened immediately would take care of that cleanly
enough, either.


% actually created, so the testing of the passphrase and storage (until use)
% in protected memory is dictated.

Gotcha.


...
% relative security of a Unix/Linux system protecting their secret key rings,
% and most have their root directory trees shared as administrative shares
% so that absolutely anyone in the IT department at their companies can
% read and alter everything at will.

Heh :-)  Yeah, there is that sort of thing.


Thanks again! & HAND

:-D
-- 
David T-G                      * It's easier to fight for one's principles
(play) davidtg@justpickone.org * than to live up to them. -- fortune cookie
(work) davidtgwork@justpickone.org
http://www.justpickone.org/davidtg/    Shpx gur Pbzzhavpngvbaf Qrprapl Npg!

