GPG question
Brian Rosenvinge
brian at nixthis.com
Mon Aug 14 17:27:16 CEST 2006
Thanks guys for all of the information. Unfortunately I am being asked
to automate this entire process so the passphrase must be included. We
will definitely be doing everything in our power to avoid exposing the
passphrase.
Thanks again
Brian
Werner Koch wrote:
>On Mon, 14 Aug 2006 16:39, David Shaw said:
>
>
>
>>You also need to ask yourself: if you're just going to hardcode a
>>passphrase anyway, would it be better to simply use a key with no
>>passphrase at all?
>>
>>
>
>That is actually what we are suggesting since years.
>
>FWIW: The problem some people have with this is that there are
>policies in place (even demanded by law) to keep private key material
>stored encrypted. These policies don't tell from where to take the
>protection key, though. Obviously they silently allow for storing it
>in a file or even passing on the command line. It is all plain stupid
>but sometimes one need to work around such dump requirement. This is
>the actual reason why we added features for insecure supplying of a
>passphrase.
>
>
>Shalom-Salam,
>
> Werner
>
>
>
>_______________________________________________
>Gnupg-users mailing list
>Gnupg-users at gnupg.org
>http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
More information about the Gnupg-users
mailing list