invalid gpg key revocation

Daniel Kahn Gillmor dkg at
Wed Mar 7 21:45:05 CET 2012

On 03/07/2012 03:31 PM, Ingo Klöcker wrote:
> Hmm. I guess you are right. Just a minor remark: To my knowledge it is 
> not possible to get the passphrase out of gpg-agent. The whole point of 
> gpg-agent is that it encapsulates all operations involving the secret 
> key and the passphrase in order to minimize the risk of leaks of this 
> information (see

As i understand it, this is true for gpg-agent for gpgsm (S/MIME) in
general, and for all operations (including OpenPGP) using the
as-yet-unreleased gpg 2.1.  But for those of us using gpg-agent for
OpenPGP operations for gpg 1.x or 2.0.x, you can indeed extract the
passphrase from the agent. :/

Looking forward to a transition to gpg 2.1,


More information about the Gnupg-users mailing list