[PATCH] Make pinentry-qt read and store passphrases in KDE 3.2's wallet

Werner Koch wk at gnupg.org
Mon Dec 1 08:45:33 CET 2003


On Sun, 30 Nov 2003 20:39:18 +0100, Ingo Klöcker said:

> KWallet is (IMO) completely out of question. The passphrase must never 
> ever be stored in any form on the hard disk. I'm shocked that someone 

Well said.  There is no reason to do this because a passphrase stored
on disk is useless - if you want that you would be better off to save
your key without any passphrase.  The thread model against the
passphrase tries to protect is a compromised secret key - much like a
PIN protects against lost or stolen smartcard.  If someone is able to
read a (protected) secret key, he will also be able to read the file
where KWallet stores the keys.  Thus there is no real protection.  IF
on OTOH someone is able to mount an active attack, he can do almost
everything and neityer a passphrase nor any other mechanism will help.

> seriously audited) and the OpenPGP keys of all KDE users would have to 
> be considered compromised.

Well, not really.  Only if an attacker is able to read arbitrary data
on that box.

> pinentry-qt doesn't depend on any KDE libraries but only on the Qt 
> library for good reasons so I very much doubt that Werner Koch or 
> anyone else from the Aegypten project will take your proposal into 

Right.  To make use of tghe pinentry to cache passwords, use the
gpg-agent and let it do it.  There is a simple mechanism to use it for
that task (that is what gpg currently uses).

  Werner

-- 
Werner Koch                                      <wk at gnupg.org>
The GnuPG Experts                                http://g10code.com
Free Software Foundation Europe                  http://fsfeurope.org




More information about the Gpa-dev mailing list