GPG question

Werner Koch wk at gnupg.org
Mon Aug 14 17:13:29 CEST 2006


On Mon, 14 Aug 2006 16:39, David Shaw said:

> You also need to ask yourself: if you're just going to hardcode a
> passphrase anyway, would it be better to simply use a key with no
> passphrase at all?

That is actually what we are suggesting since years. 

FWIW: The problem some people have with this is that there are
policies in place (even demanded by law) to keep private key material
stored encrypted.  These policies don't tell from where to take the
protection key, though.  Obviously they silently allow for storing it
in a file or even passing on the command line.  It is all plain stupid
but sometimes one need to work around such dump requirement.  This is
the actual reason why we added features for insecure supplying of a
passphrase.


Shalom-Salam,

   Werner





More information about the Gnupg-users mailing list