On Mon, 14 Aug 2006 16:39, David Shaw said: > You also need to ask yourself: if you're just going to hardcode a > passphrase anyway, would it be better to simply use a key with no > passphrase at all?
That is actually what we are suggesting since years. FWIW: The problem some people have with this is that there are policies in place (even demanded by law) to keep private key material stored encrypted. These policies don't tell from where to take the protection key, though. Obviously they silently allow for storing it in a file or even passing on the command line. It is all plain stupid but sometimes one need to work around such dump requirement. This is the actual reason why we added features for insecure supplying of a passphrase. Shalom-Salam, Werner _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
