Excerpts from Werner Koch's message of Fri Jan 14 21:01:45 +0100 2011: > It would definitely be helpful because it makes a safe installation much > easier. It will be used automagically and thus one does not need to > fiddle with suspend scripts. All the password managers would benefit > form that as they all have the same problem.
> The main threat model would be a stolen laptop with cached passphrases > in suspend or hibernation mode. Might also be useful for smartphones. Sounds nice for some users. But please don't forget about users who don't want their pass phrase to be forgotten during suspend: 1. Users on systems that aggressively auto-suspend during regular operation (e.g. on the OLPC XO). 2. Users with a threat model that doesn't consider "stolen during suspend-to-RAM" to be different from "stolen while powered on". So please make it easy to opt out from, preferably both on a system-wide (to deactivate it for all applications that might make use of it) and a per-user basis (i.e. without requiring root access). Sascha -- http://sascha.silbe.org/ http://www.infra-silbe.de/
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
