Confirmation for cached passphrases useful?

[Daniel Kahn Gillmor]

On 10/14/2010 04:31 PM, Grant Olson wrote:
> But ultimately once you start trying to fix the problem by offloading
> the checks to special hardware, you might as well just key a smart card
> reader with an integrated keypad.  Then you can use a simple pin.  Not
> quite as convenient as hitting Y/N, but way more convenient than a
> really strong password.

Yes, that'd be nice, if that hardware is available and convenient for
the user.

But far more people have access to a laptop with system-handled ACPI key
combinations than have access to card readers with integrated keypads.

card readers with integrated keypads are also bulky, awkward to
transport and use in mobile context, and tend to be significantly slower
at performing secret-key operations than modern computers (laptop or
desktop).

card readers with integrated keypads are also additional points of
failure, and have a non-negligible financial cost over and above the
cost of the hardware on which to run GnuPG.

Back to the original point: a confirmation prompt for the agent has the
potential to be useful in many cases, particularly with the agent model
described for the upcoming gnupg 2.1, and to a lesser extent with
earlier versions of the agent protocol.  I'm not denying that there are
other approaches which might solve the same problem, but there are
tradeoffs to all of them which may not be suitable for any particular user.

I remain perplexed at the opposition this reasonable feature proposal
has received.

Regards,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20101014/25b7d342/attachment.pgp>