On 08.09.20 13:49, li...@datenritter.de wrote:

> Eventually you'll enter your master password anyway. After that there's
> no other layer of security. All your passwords, certificates and
> PGP-keys lie about in memory. So I'm concerned about memory leaks and
> code injections.

If you're worried that another process on your computer can steal your key, the risk is the same with GnuPG agent, which also caches the passphrase in memory for a while.

If there's an evil process on your computer with the ability to read keys from memory, that process probably also is able to record your passphrase keystrokes.

I think the primary intention of a key passphrase is to protect the key files at rest. If your key files leave your computer, for example as part of a (cloud) backup, it isn't possible to use your keys, unless the passphrase protection is broken. Setting a master password achieves that level of protection.

Kai

_______________________________________________
enigmail-users mailing list
enigmail-users@enigmail.net