Using a passphrase FD from variable and piped data for encryption
Dashamir Hoxha
dashohoxha at gmail.com
Wed Apr 20 09:10:27 CEST 2016
On Wed, Apr 20, 2016 at 8:09 AM, Robert J. Hansen <rjh at sixdemonbag.org>
wrote:
> > I thought you could point out what is wrong with it, hopefully
> > something that can be fixed. But that's OK.
>
> You're asking people to sign on for a literally never-ending process.
> (Peer review never ends, after all. Ask the OpenBSD guys.) There's
> nothing wrong with that. You should always feel free to ask other
> people to help. But in order to get the best-qualified people on board,
> your project should offer something new: a new capability, a new
> security guarantee, a new resistance to attacks, a new *something*.
> Because without some new improvement, what motivation is there for
> anyone to switch?
>
> It's good to scratch your own itch. If you want to use this tool you've
> built, more power to you. But other people probably won't unless you
> can give them specific reasons to care.
You are right. I don't think that it can satisfy the requirements of
everybody
because they are sometimes conflicting. But I use it because it is simpler
and easier, comand-line based, and scriptable. And I also believe that it is
not less secure than the other solutions.
Anyway, myself I don't have high security requirements, and, except for
trying to use good practices, I am not a security expert. So, I cannot
guaranty for everybody.
Dashamir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160420/a22b97c6/attachment-0001.html>
More information about the Gnupg-users
mailing list