Kmail plugin progress

Ingo Klöcker
Wed Aug 20 00:12:02 2003

Content-Type: text/plain;
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Sorry, for replying to such an old thread, but I didn't have time to=20
read it earlier. Still, being KMail's current maintainer, I'd like to=20
clear a few misunderstandings.

On Sunday 20 July 2003 03:05, Robin Lynn Frank wrote:
> On Saturday 19 July 2003 05:14 pm, Neil Williams  wrote:
> > On Sunday 20 Jul 2003 12:40 am, Robin Lynn Frank wrote:
> > > On Saturday 19 July 2003 04:04 pm, Robin Lynn Frank  wrote:
> > > This is a follow-up.  The third email I sent required a
> > > poassphrase.  I wonder what this one will do? :-(
> >
> > Kmail doesn't cache the passphrase forever, or even until you close
> > the app. It waits for a certain amount of idle time and then drops
> > the cached passphrase. Even if you send a lot of different emails
> > as a series, it will eventually ask to confirm the passphrase
> > again.
> >
> > Otherwise someone could sign an email as you if you get up to go to
> > the fridge etc.
> There are certain aspects of kmail that I am beginning to dislike a
> lot.  I have got to find a mailer that absolutely will never cache a
> passphrase without having to go back to the dark ages (non-gui). :-(=20
> The odd thing is that I do not recall a case of having any email go
> our without entering a passphrase before I installed the plugin.

As was already said by others it's not KMail which caches the passphrase=20
but gpg-agent. gpg-agent is, just like ssh-agent, a very small program=20
(with respect to LOC) which can be used to cache the passphrase. If you=20
don't want this then you'll have to tell gpg-agent not to cache it by=20
setting the default-cache-ttl to 0.

BTW, gpg-agent was written by Werner Koch's company and not by any KDE=20
developer. So if you want to complain about gpg-agent caching your=20
passphrase then send your complaints to the companies involved in the=20
Aegypten project. IMO they did a rather good job. The only problem is=20
that using the crypto plugins is so damn difficult.

BTW2, the certificate manager is for managing S/MIME certificates. It's=20
useless for OpenPGP keys/certificates. So unless you have to deal with=20
S/MIME certificates simply ignore it.


Content-Type: application/pgp-signature
Content-Description: signature

Version: GnuPG v1.2.3rc1 (GNU/Linux)