GnuPG cannot know if is runs in a "secure" environment (Re: standard comment)
marqueandreprisal at duck.com
marqueandreprisal at duck.com
Sat May 30 05:49:28 CEST 2026
Hi Bernhard I seen you came over from the forum. Yeah I applied the
comment manually ultimately the final authority in security is the user.
That is what I meant for the user to apply the standard comment if you
look at my key I applied the minimal comment as a standard comment "this
key was not created in an environment known to be secure". Like I said
generally PGP was designed for DOS which is pretty good security wise.
Now days I guess what you can do is build your own minix floppy for GPG +
Email but modern machines won't even take a floppy unless it uses some
maybe compromised USB packet driver <- you can't boot from that
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 281 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20260529/6214cad7/attachment.sig>
More information about the Gnupg-users
mailing list