Confirmation for cached passphrases useful?
dougb at dougbarton.us
Fri Oct 15 19:31:04 CEST 2010
On 10/15/2010 9:23 AM, Werner Koch wrote:
> Nevertheless, the confirmation prompt for a cached passphrase is not
> entirely unfounded
I've really been biting my tongue on this thread because it seemed like
the right people were saying the right things already, but you're making
me nervous now Werner. :)
The right solution to the concern expressed is to keep the time for
gpg-agent to cache the pass phrase down to a reasonable level, where
"reasonable" may mean different things in different environments. I
don't remember what the default is, but I do recall thinking when I
first installed -agent that it seemed sufficiently short to protect new
users from themselves; but too short for my tastes, so I fixed it. :)
The other problem with the confirmation proposal is that (unless I'm
missing something really dramatic) the intersection between plausible
attack vectors and vulnerabilities that confirmation would actually fix
seems so small that it does not justify even the coding/QA time to
develop the feature, never mind the inconvenience to the user.
Breadth of IT experience, and | Nothin' ever doesn't change,
depth of knowledge in the DNS. | but nothin' changes much.
Yours for the right price. :) | -- OK Go
More information about the Gnupg-users