On 07/26/2017 09:08 PM, Mario Figueiredo wrote: > On Wed, 26 Jul 2017 08:52:12 +0200 > Werner Koch <w...@gnupg.org> wrote: > >> There is a kludge in gpg and gpg-agent described in this comment: >> [...] > > Hello Werner, > > Thank you for the information and debug method. And hopefully this > problem will be fixed sometime in the near future. My brain is old > and tired and it can't just commit to yet another unique password of > any decent quality. > > The sharing of passwords between different keys becomes inevitable > after a certain threshold. And I suspect for everyone, not just old > people. And the gpg-agent just isn't dealing with this situation in an > acceptable way. >
Have you considered using smartcards/tokens to ensure the secret key material is only available when you expect to do operations using the particular keys (as well as protecting against several other threat vectors)? -- ---------------------------- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- Fabricando fit faber Practice makes perfect
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users