From: Simon Josefsson <jas@extundo.com>
Cc: ding@gnus.org
Subject: Re: Entering passphrase twice when sending PGP signed message
Date: Sun, 14 Sep 2003 17:18:47 +0200 [thread overview]
Message-ID: <ilu8yorz9d4.fsf@latte.josefsson.org> (raw)
In-Reply-To: <m3d6e3flza.fsf@hniksic.iskon.hr> (Hrvoje Niksic's message of "Sun, 14 Sep 2003 17:06:33 +0200")
Hrvoje Niksic <hniksic@xemacs.org> writes:
>> On further thought, one could argue that it should be possible to
>> customize the passphrase cache to a mode where decryption happens
>> automatically using the passphrase cache, but signing do require
>> password input every time, or at least a yes-or-no-p. Since I use
>> an infinite passphrase cache lifetime, to be able to read encrypted
>> messages easily, I'd want this to make sure I don't sign something I
>> wasn't aware of.
>
> yes-no-p would be fine, but requiring the password every time is going
> a bit too far. Entering the passphrase and answering yes-no-p are
> IMHO orthogonal.
I agree, but to clarify, I think the passphrase cache should have a
few modes: (I'm not sure the modes marked with '(?)' are useful.)
* Disabled.
* Enabled for decrypt. (?)
* Enabled for sign. (?)
* Enabled for decrypt and sign.
* Enabled for decrypt and sign, but require confirmation for sign.
* Enabled for decrypt and sign, but require confirmation for decrypt. (?)
* Enabled for decrypt and sign, but require confirmation.
I.e., I didn't mean PGG should ask for a passphrase and then issue
yes-or-no-p, instead I meant that if the passphrase is cached, PGG
should use yes-or-no-p before using the cache.
Finally, if the OpenPGP implementation doesn't require a passphrase
(e.g., gpg-agent), PGG should never ask for a passphrase. I'm not
sure if PGG can find this out automatically in a reliable way, so
perhaps this should be another modus operandi to add to the above set.
next prev parent reply other threads:[~2003-09-14 15:18 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-09-13 13:27 Hrvoje Niksic
2003-09-13 21:24 ` Simon Josefsson
2003-09-13 23:20 ` Hrvoje Niksic
2003-09-14 0:41 ` Simon Josefsson
2003-09-14 1:22 ` Hrvoje Niksic
2003-09-14 12:05 ` Simon Josefsson
2003-09-14 15:06 ` Hrvoje Niksic
2003-09-14 15:18 ` Simon Josefsson [this message]
2003-09-14 17:17 ` Hrvoje Niksic
2003-09-14 21:48 ` Simon Josefsson
2003-09-14 23:03 ` Jesper Harder
2003-09-14 23:15 ` Simon Josefsson
2003-09-15 0:52 ` Jesper Harder
2003-09-15 11:18 ` Simon Josefsson
2003-10-17 18:03 ` Lars Magne Ingebrigtsen
2003-10-17 21:44 ` Simon Josefsson
2003-10-17 22:39 ` Lars Magne Ingebrigtsen
2003-10-18 0:04 ` Simon Josefsson
2003-10-18 15:49 ` Jesper Harder
2003-10-18 16:26 ` Lars Magne Ingebrigtsen
2005-10-13 19:48 ` Attachments and security menu (was: Entering passphrase twice when sending PGP signed message) Reiner Steib
2006-04-26 20:30 ` Attachments and security menu Reiner Steib
2003-09-14 21:02 ` Entering passphrase twice when sending PGP signed message Matthias Andree
2003-09-14 21:38 ` Simon Josefsson
2003-09-14 23:12 ` Matthias Andree
2003-09-14 23:49 ` Simon Josefsson
2003-09-15 0:10 ` Matthias Andree
2003-09-13 23:30 ` Jesper Harder
2003-09-14 1:17 ` Hrvoje Niksic
2003-09-14 1:45 ` Jesper Harder
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ilu8yorz9d4.fsf@latte.josefsson.org \
--to=jas@extundo.com \
--cc=ding@gnus.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).