Web-based pinentry
Michael Gauthier
mike at silverorange.com
Thu Aug 30 16:28:33 CEST 2012
> yyy yyy at yyy.id.lv
> Thu Aug 30 12:48:45 CEST 2012
>
>> As of GnuPGv2, the --command-fd method of passing passphrases no longer
>> seems to work. Is there an alternative I can use so that the pin entry
>> interface is still a webpage?
>>
>> Please let me know what I can use to handle pin-entry in a web-based
>> system.
>>
>
> If I have understood correctly, in gpg2, in such cases you are
supposed to
> use no passphrase at all.
Where can I find documentation that recommends not using a passphrase?
My understanding is a passphrase is important to protect private keys in
the event they are acquired:
http://www.gnupg.org/gph/en/manual/c481.html#AEN506
If I don't use a passphrase, how should I protect my key (other than
making it difficult to physically access)?
Cheers,
Mike
More information about the Gnupg-users
mailing list