GnuPG encryption with key file

Daniel Kahn Gillmor dkg at
Fri Mar 28 14:08:31 CET 2014

On 03/28/2014 07:48 AM, Peter Lebbing wrote:
> And the hack presented doesn't allow for
> the common scenario: a key file *as well as* a password. 

sorry, i think my assumption of the common scenario was very different
from yours, or i wouldn't have recommended the conversion i did.

i'd assumed that anyone using a "key file" was using it as the
equivalent of a kerberos keytab -- a shared secret with some other party
that would be closely guarded and kept secret.  I sort of took it for
granted that the base64-encoding of, say, /bin/ls on any version of any
well-known operating system is not a secret and would never be used as a


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140328/c79c2217/attachment.sig>

More information about the Gnupg-users mailing list