Implications of a common private keys directory in 2.1

Werner Koch wk at gnupg.org
Mon Nov 21 10:28:47 CET 2016


On Sun, 20 Nov 2016 21:37, caro at nymph.paranoici.org said:

>>Is there any chance to get that disentangled, maybe by defining a
>>separate secret key directory for each public .kbx keyring in use?

No.

> The silence makes me believe that what I described is intended behavior,
> not a 2.1 design flaw. I'd like to know whether that's correct. Any

Correct.  The gpg-agent takes care of private keys and does not know
about gpg or gpgsm.  Deleting a private key is not easy because it may
be used by several protocols.  This is the reason you see an extra
confirmation message when trying to delete a private key.

BTW, the use of the --keyring option is in general not a good idea.  We
would very much like to entirely get rid of them due to the problems
assocciated with that kludge (or well, that upward compatibility with
PGP).


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: </pipermail/attachments/20161121/8430740f/attachment.sig>


More information about the Gnupg-users mailing list