[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: invalid gpg key revocation
From: Daniel Kahn Gillmor <dkg () fifthhorseman ! net>
Date: 2012-03-07 20:45:05
Message-ID: 4F57C8D1.5040600 () fifthhorseman ! net
[Download RAW message or body]
On 03/07/2012 03:31 PM, Ingo Klöcker wrote:
> Hmm. I guess you are right. Just a minor remark: To my knowledge it is
> not possible to get the passphrase out of gpg-agent. The whole point of
> gpg-agent is that it encapsulates all operations involving the secret
> key and the passphrase in order to minimize the risk of leaks of this
> information (see http://www.gnupg.org/aegypten/tech.en.html).
As i understand it, this is true for gpg-agent for gpgsm (S/MIME) in
general, and for all operations (including OpenPGP) using the
as-yet-unreleased gpg 2.1. But for those of us using gpg-agent for
OpenPGP operations for gpg 1.x or 2.0.x, you can indeed extract the
passphrase from the agent. :/
Looking forward to a transition to gpg 2.1,
--dkg
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic