Some questions
zulag
zulag4 at gmail.com
Fri Aug 8 15:43:00 CEST 2008
Hi,
(first, excuse me for the message not appearing as a reply, I had not
subscribed to the mailing-list when I sent the first message)
> I ran the command, and got a huge ascii block... so I modified it to:
> gpg --export-secret-key --armor > test.asc and got a enarmored block of
> ascii characters... a lot longer than a single private key, so maybe it
> is the whole private keyring... I will import it in a virtual machine
> (with empty keyring), in order to know what is that block...
(If you want to make tests, you can create a temporary directory, and
set the GNUPGHOME environment variable to that temporary directory.)
You can import the exported private key, but when you cannot sign or
decrypt anything without entering the passphrase. I agree with what
David said :
> [...] Otherwise, what's the point
> of having passphrase protection on the secret keyring, when you can
> just export the secret key from the secret keyring unencrypted without
> having to know the passphrase?
About my question 2 :
> If you encrypt it and then sign it, if somebody steal the message, he
> would get the sender's key ID from the signature. If you sign it and
> then encrypt it, the thief would not have any info about the sender.
This is not a problem in my situation, so I suppose I can do it if
there are no other problems.
thanks
More information about the Gnupg-users
mailing list