Confirmation for cached passphrases useful?
Robert J. Hansen
rjh at sixdemonbag.org
Fri Oct 15 19:42:05 CEST 2010
On 10/15/10 1:31 PM, Doug Barton wrote:
> The other problem with the confirmation proposal is that ... the
> intersection between plausible attack vectors and vulnerabilities
> that [this proposal] would actually fix seems [very] small.
I seem to recall saying something similar to this a few days ago. :)
I'll go one step further: so far I haven't seen anyone present a
plausible intersection. I've seen some hypothetical intersections, but
none that I think are plausible.
This seems like a nonsolution to a nonproblem.
More information about the Gnupg-users