On Wed, Mar 30, 2011 at 11:08:44AM -0600, Jeff Anderson wrote: > It seems like a logical design-- GPG is a tried and tested encryption > technology, why not use it as a backend for a password manager? Is there > something inherently wrong with that idea?
It is important to understand that GnuPG is really just a fronted to publicly available encryption and hashing algorithms. It is not so much that the password manager use GnuPG, as much as it uses an algorithm that has shown good resistance to cryptanalysis, such as AES, like GnuPG. Further, GnuPG is a public key crypto system, where password stores are better suited for "master passwords". Either the software would have to ship GnuPG, which means managing updates on its own, or it relies on it as a dependency, either way, bloating the end result. -- . o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o
signature.asc
Description: Digital signature
-------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
