Confirmation for cached passphrases useful?

Robert J. Hansen rjh at sixdemonbag.org
Sat Oct 16 01:39:26 CEST 2010


> I strongly agree with this point.  Let's think about it another way:
> what if the user is themselves doing something that is unintentionally
> accessing the key?

Then that's the user's own problem.  They're the one who decided to enable passphrase caching and to set a large timeout window.  They get to make their decisions, and it's foolish of us to try to protect them from it.

In fact, I would argue this "feature" would cause more problems than it claims to solve.  The number of people who would benefit from it is relatively small.  The number of people who discover their automated scripts no longer work would be large.

No choice comes without consequences.  This feature enhancement is no exception.




More information about the Gnupg-users mailing list