invalid gpg key revocation
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Mar 7 21:45:05 CET 2012
On 03/07/2012 03:31 PM, Ingo Klöcker wrote:
> Hmm. I guess you are right. Just a minor remark: To my knowledge it is
> not possible to get the passphrase out of gpg-agent. The whole point of
> gpg-agent is that it encapsulates all operations involving the secret
> key and the passphrase in order to minimize the risk of leaks of this
> information (see http://www.gnupg.org/aegypten/tech.en.html).
As i understand it, this is true for gpg-agent for gpgsm (S/MIME) in
general, and for all operations (including OpenPGP) using the
as-yet-unreleased gpg 2.1. But for those of us using gpg-agent for
OpenPGP operations for gpg 1.x or 2.0.x, you can indeed extract the
passphrase from the agent. :/
Looking forward to a transition to gpg 2.1,
--dkg
More information about the Gnupg-users
mailing list