"--for-your-eyes-only"
Charly Avital
shavital at mac.com
Tue Jun 28 10:58:52 CEST 2005
David Shaw wrote the following on 6/27/05 11:18 PM:
[...]
> If I understand your question,
> no, there is no secure viewer built
> into GnuPG. There are many reasons, but two good ones are that GnuPG
> is a command line application, and you can't really make a secure
> viewer on the command line, and by its nature a secure viewer would
> not be nearly portable enough.
I may not understand what you mean by "portable".
I suppose that a secure viewer (software program) could not be nearly
ported to GnuPG?
>
> However, GnuPG can call other programs to do other tasks (keyserver
> access programs, JPEG viewers for photo IDs), so it's not impossible
> that GnuPG could call an external secure viewer program. I don't know
> of one offhand though.
As far as I can remember the evolution of PGP, I think (but I am not
sure) that the concept of a secure viewer is a PGP proprietary function
built-in in their software.
I shall not discuss whether TEMPEST attacks, when targeted to CRT or LCD
displays pose a real threat to encryption users (who is the targeting
agent? who are the targeted/chosen users?) because I have no expertise
or even reasonable knowledge of the technological aspects of that issue.
But if it is, in fact, a viable way to breach confidentiality, it is
possible that GnuPG could consider to include an external secure viewer
program in future developments. As a matter of fact, according to
Werner's email, some work has already been done, and is included in the CVS.
Thanks,
Charly
More information about the Gnupg-users
mailing list