[PATCH] Make pinentry-qt read and store passphrases in KDE
3.2's wallet
Ingo Klöcker
kloecker at kde.org
Sun Nov 30 20:39:18 CET 2003
On Sunday 30 November 2003 20:13, Martijn Klingens wrote:
> Hiya,
>
> Attached patch makes pinentry-qt use KWallet, the new encrypted
> wallet that will be available in KDE 3.2. This allows centralized
> password storage, amongst other benefits.
Sorry, but storing the passphrase which protects your OpenPGP key in
KWallet is (IMO) completely out of question. The passphrase must never
ever be stored in any form on the hard disk. I'm shocked that someone
actually proposes this. A tiny bug in KWallet (which I'm sure was never
seriously audited) and the OpenPGP keys of all KDE users would have to
be considered compromised.
pinentry-qt doesn't depend on any KDE libraries but only on the Qt
library for good reasons so I very much doubt that Werner Koch or
anyone else from the Aegypten project will take your proposal into
consideration.
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
Url : /pipermail/attachments/20031130/ddbba9b7/attachment.bin
More information about the Gpa-dev
mailing list