Some questions

Faramir faramir.cl at gmail.com
Fri Aug 8 14:09:45 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Sven Radde escribió:
> Hi!
> 
> Faramir schrieb:

>>   I suppose it is clear text,
> No, it is still encrypted with your passphrase.
>> The idea about export a secret key is to import
>> it in other place, so it must be cleartext...
> Why? You can easily import an exportet (encrypted) secret key into
> another GnuPG application. Why not? The other GnuPG would simply ask for
> your passphrase whenever you would try to access the key there, just
> like the "first" GnuPG does...

  Good point... I think I must check my cafeine level, it seems it's too
low to think clearly... I will solve that now...

> I assume that the warning is there, because an exported key is somewhat
> likely to end up in some public-readable place and this is generally a
> bad thing - even if it is protected by a passphrase. You should at least
> take the risk willingly.

  Right, and also, there is the option to have secret keys without
passphrase... these keys would be very vulnerable, I think...

 Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBCAAGBQJInDeIAAoJEMV4f6PvczxAQhoIAKgEq1VTTELAL3p3uwEe6XaV
AvD8Mwbob1SyyUw5LdS6HVc2DxhVJzTfuschCRgJNwXFWzm4BiKob++EWm+GPAj7
fZvArvKhyk5zQdk3BK61dptz7FnxF2xmUDle8IP1Zvmdw7UP2s1GVF+lHukAeGsL
Nj/mapU6kBHcSYGdqFeCaZORrBgJfzi7mxElMFPIzaok3mejTM8VK9WSFDaUCbtC
hKwX+sO2x4NXzsTfuYDiE/C53ieGp+uoX9dp2L66xa63gxJ/U0NkgS3ENclT8/+k
yxvy+k/slwS1wUDCNfnfMXPNPnkY7T3CswN0rHnXSr49O3ZOBp39vFEXCShoi2Q=
=HcuD
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list