[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: Kmail plugin progress
From: Ingo =?iso-8859-1?q?Kl=F6cker?= <ingo.kloecker () epost ! de>
Date: 2003-08-19 22:11:55
[Download RAW message or body]
Sorry, for replying to such an old thread, but I didn't have time to
read it earlier. Still, being KMail's current maintainer, I'd like to
clear a few misunderstandings.
On Sunday 20 July 2003 03:05, Robin Lynn Frank wrote:
> On Saturday 19 July 2003 05:14 pm, Neil Williams wrote:
> > On Sunday 20 Jul 2003 12:40 am, Robin Lynn Frank wrote:
> > > On Saturday 19 July 2003 04:04 pm, Robin Lynn Frank wrote:
> > > This is a follow-up. The third email I sent required a
> > > poassphrase. I wonder what this one will do? :-(
> >
> > Kmail doesn't cache the passphrase forever, or even until you close
> > the app. It waits for a certain amount of idle time and then drops
> > the cached passphrase. Even if you send a lot of different emails
> > as a series, it will eventually ask to confirm the passphrase
> > again.
> >
> > Otherwise someone could sign an email as you if you get up to go to
> > the fridge etc.
>
> There are certain aspects of kmail that I am beginning to dislike a
> lot. I have got to find a mailer that absolutely will never cache a
> passphrase without having to go back to the dark ages (non-gui). :-(
> The odd thing is that I do not recall a case of having any email go
> our without entering a passphrase before I installed the plugin.
As was already said by others it's not KMail which caches the passphrase
but gpg-agent. gpg-agent is, just like ssh-agent, a very small program
(with respect to LOC) which can be used to cache the passphrase. If you
don't want this then you'll have to tell gpg-agent not to cache it by
setting the default-cache-ttl to 0.
BTW, gpg-agent was written by Werner Koch's company and not by any KDE
developer. So if you want to complain about gpg-agent caching your
passphrase then send your complaints to the companies involved in the
Aegypten project. IMO they did a rather good job. The only problem is
that using the crypto plugins is so damn difficult.
BTW2, the certificate manager is for managing S/MIME certificates. It's
useless for OpenPGP keys/certificates. So unless you have to deal with
S/MIME certificates simply ignore it.
Regards,
Ingo
[Attachment #3 (application/pgp-signature)]
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic