[Psi-devel] Re: what happened to saving gpg passphrase?
halr9000 at gmail.com
Sun May 29 08:48:17 PDT 2005
On 5/29/05, Justin Karneges <justin-psi2 at affinix.com> wrote:
> On Saturday 28 May 2005 09:14 pm, Hal Rottenberg wrote:
> > Uhhhh what? I don't recall that decision being made. Besides, I
> GnuPG is a high-security application, to the extent that it even encrypts its
> own local data (your private key) to ward off attackers that manage to
> compromise your machine. Saving the passphrase /on/ the disk defeats the
> purpose of having a passphrase /to/ the disk.
Yeah, yeah, but I only use it for IM. At home I don't care about the
passphrase being on disk anyways. For my purposes, I consider my home
PC is "invincible". My work laptop, maybe I don't want the passphrase
stored there. I suppose the correct way to do this is to ues an
agent. I just didn't want to bother. I don't care that much.
> could use your passwords. With GnuPG, however, the specific purpose of the
> passphrase is to thwart those with access to your machine. By saving it,
> what you are really saying is that you'd rather not have a passphrase at all.
> And guess what? You can remove it if you don't want it. :)
Can you tell me how? I haven't figured that out yet. Yes, I could
figure it out, but see above. I've already spent too much time on
this email for something for which I care almost nothing. gpg
--edit-key doesn't have a passphrase change option.
> Why can't we just use the native functions to encrypt and decrypt the
> passphrase, instead of using half-backed encoding?
Yes, this should be the goal for ANY application. Never store any
password in plain-text. And if there is a native encryption function,
use it over rolling your own.
> The use of a passphrase-saving option indicates a great misunderstanding of
> GnuPG passphrases on the part of users. The fact that the feature existed in
> Psi indicates a great misunderstanding of GnuPG passphrases on the part of
> developers (me). After reading this pile of text I've just written, we
> should all be on a new level of understanding.
Yes. GPG is stupid.
I don't even want to use it, I just want e2e, and I want there to be
almost zero configuration on the client side. Like Trillian. The
only use case I care about is encrypting relatively important data,
such as giving a password to someone in a chat, so that nobody in
between can read it.
> On Sunday 29 May 2005 12:14 am, Remko Troncon wrote:
> > I have always been pretty optimistic about this, and thought that our
> > users would be open for some real changes (provided that the changes
> > were not inherently worse for them). But the GPG thing makes me think
> > i should stop trying this stuff, and just go back to implementing
> > features again.
> Well, you shouldn't be taking any heat from this. I was planning to do it
> someday anyway.
Yeah, don't take it personally Remko. Keep being controversial, it's
good for the project.
So in conclusion, I'm probably just going to disable GPG.
Psi webmaster (http://psi-im.org)
im:hal at jabber.rocks.cc
More information about the Psi-devel-affinix.com