gpg-agent automatically use passphrase for signing subkey?
Ingo Klöcker
kloecker at kde.org
Sat Jul 23 16:30:18 CEST 2011
On Friday 22 July 2011, Charly Avital wrote:
> Chris Poole
> <CAF=P9QBCMFqKvv_49a5NySoSWZkh2Ka_Kjo5WJY2onM6Yhs04w at mail.gmail.com>
>
> wrote on 7/22/11 10:38:39 AM:
> > On Thu, Jul 21, 2011 at 5:30 PM, Charly Avital <shavital at mac.com>
wrote:
> >> When your passphrase has been cached for each of those *actions*,
> >> it will remain in gpg-agent's "memory" for the duration of the
> >> cache set in your home directory ~/.gnupg/gpg-agent.conf
> >
> > That's a shame, but thanks.
>
> Shame?
> I find it very convenient.
You think it's convenient that you have to enter the same passphrase
twice, once when you want to sign something and then again when you want
to decrypt something?
There are surely use cases for this, but for someone like me who is
using gpg on a computer (resp. account) nobody else has (physical)
access to it's just an annoyance (albeit a minor one).
There is already the option --ignore-cache-for-signing (curiously the
corresponding option for decryption is missing, i.e. it's not possible
to use the cache for signing but not for decryption), so why not add
another option like --share-signing-and-decryption-cache? (I guess, if I
really wanted this I should provide a patch. :-) )
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110723/0ac50ef2/attachment-0001.pgp>
More information about the Gnupg-users
mailing list