unlock keychain with pam authentication
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Sep 29 16:28:17 CEST 2015
On Tue 2015-09-29 08:53:32 -0400, Andrew Gallagher <andrewg at andrewg.com> wrote:
> On 28/09/15 23:16, SGT. Garcia wrote:
>> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote:
>>>
>>> Do you ever import keys that other people
>>> send you? or keys you find on the web? or keys attached to e-mail
>>> messages? Are you sure the things imported can't include a secret key?
>>
>> this is the first time i hear about *importing* to be honest. after reading, yes
>> just reading, your email a new key was added and on the next run of 'notmuch
>> new' i was asked for it by pinentry. i'm guessing mutt imports any key it finds
>> in attachments.
>
> Surely that 'feature' needs removing asap?
I'm surprised to hear that notmuch has this feature, and i haven't seen
it happen myself. I'm one of the people who helped contribute to
notmuch's OpenPGP mechanisms.
This sounds like something to be raised on the notmuch mailing list,
though.
--dkg
More information about the Gnupg-users
mailing list