On 09/19/2017 03:53 PM, Andreas Heinlein wrote: > Handling of the passphrase is about one of the most sensitive > tasks when dealing with encryption. I currently can think of no way you > could handle passphrases on your own in python which I would call > 'secure'.
In such a scenario I'd likely use a custom pinentry, that'd be the same recommendation for a password manager etc, as for security info is passed in the socket that is protected using regular unix user permissions / ACLs and anyways same as regular pinentry uses. -- ---------------------------- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- "To live is the rarest thing in the world. Most people exist, that is all." Oscar Wilde
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
