external keystore option?

Lord of the Lists listmaster at gnupg.org
Thu May 11 12:19:14 CEST 2000


----- Forwarded message from "Mikolaj J. Habryn" <dichro-mail-3474b0e at rcpt.to> -----

Date: Thu, 11 May 2000 10:58:59 +0200
From: "Mikolaj J. Habryn" <dichro-mail-3474b0e at rcpt.to>
To: gnupg-devel at gnupg.org
Subject: external keystore option?
X-Diagnostic: Mail coming from a daemon, ignored

  Are there any plans for or opinions on the possibility of separating 
out the sensitive key management operations in gnupg (along the lines
of ssh-agent for ssh)? I had a dig through the archives (a while ago), 
and recall seeing the subject come up once, but with no definitive
resolution.

  I would like to see such functionality in gnupg; there are certain
situations (such as Debian package creation) where a flexible policy
engine would save a fair bit of passphrase retyping.

  My reason for asking is not purely academic; I recently published
keymgr, an application designed to serve this purpose, whose only real 
claims to fame at present are a pretense to modularity and enough
functionality to allow one to keep one's ssh keys on a Java ring.

  I've cobbled together enough code fragments to probably allow it to
fake the desired effect by using a wrapper for gpg along with
--passphrase-fd option (and obviously tracking passphrases in keymgr),
but it's something of a suboptimal solution.

m.



----- End forwarded message -----

-- 
Werner Koch				OpenPGP key 621CC013
OpenIT GmbH                             tel +49 211 239577-0
Birkenstr. 12                           email   wk at OpenIT.de
D-40233 Duesseldorf                     http://www.OpenIT.de



More information about the Gnupg-devel mailing list