{#} Replies are directed back to [EMAIL PROTECTED]
{#} To reply to the author, write to Clay Caviness <[EMAIL PROTECTED]>
--On Friday, 18 January 2002 19:22 -0500 Theo Schlossnagle
<[EMAIL PROTECTED]> wrote:
My point has been made. You shouldn't be typing your passphrase into a
friend's computer. If you do, you don't care intensely about your key
-- which is not a problem. Many people have two keys (1) casual and (2)
secure. In this case, I fail to see the need to have a complicated,
hard to type pass phrase for the casual key.
What if they have been hacked and have key sniffers installed. Look at
GPG, it doesn't echo. My passphrase is 40 characters long or so (as
everyone's should be). I type it wrong every once in a while, but it
shouldn't ever be echoed to the screen.
i guess i should have specified a trusted friend. say, for example, my
wife's computer. but, this is a fringe case, and i know it's not always
best to cater to those cases. i certainly wouldn't be tossing my passphrase
around at an internet cafe, i agree 100%.
Yeah.. They strive for convenience on top of secure technology. I would
like to not sacrifice that...
i should clarify - this isn't a feature i'm dying to have here, just a
convenience that was provided to me on other occasions that i thought may
be useful in this case. my main request was passphrase verification, which
it seems you're working on - thanks!
I am a democratic man. There is always a solution in coding to satisfy
the masses. I have one in mind if a few people refuse to the "the
light" in the above comments so they will be satisfied. :-)
yes, it's a thin line to walk. on one hand, it's nice to have powerful
tools available and users who know how how to master them. on the other
hand, you don't want to give them the rope they need to hang themselves.
anyway, great work so far on all the GPG code!
cheers!
--
Clay Caviness
mailto:[EMAIL PROTECTED]
http://boobah.com/clay/
{#} ----------------------------------------------------+[ fire ]+---
