>>>>> Harry Henry Gebel writes:
hhg> The mode is NOT seen as security enough. The private key is
hhg> encrypted using a symmetrical cipher whose key is derived
hhg> from a hash of the passphrase. (the exact cipher and hash can
hhg> be specified in an S2K block in the secret keyring) In other
hhg> words, if you selected a very good passphrase (this is a BIG
hhg> if for most people) if is just as well encrypted as any gpg
hhg> encrypted message message. The reason people must not be
hhg> allowed to read it is that it gives attackers a single key to
hhg> discover that can then be used to recover ALL of the
hhg> (symmetrical) keys used to encrypt messages with that key,
hhg> (and because most people choose poor passwords discovering
hhg> that one key would not be hard for most people's keyrings. I
hhg> am not sure what doing 'less' on the keyring is supposed to
hhg> indicate?
Oh. I guess I should start thinking about what I write before I
write it. In my defense, I didn't find anything to contradict what I
wrote in the gpg man page, but I suppose that I didn't read enough.
Consider me humbled.
Thanks for the correction,
Chris
--
Every child in America MUST get one of these things for Christmas or
Chanukah or Kwanzaa or Atheist Children Get Presents Day.
-- Dave Barry
