https://bugs.kde.org/show_bug.cgi?id=403715
--- Comment #1 from Andre Heinecke <aheine...@gnupg.org> --- For such requirements wouldn't it be best to have a two person setup using a hardware token (e.g. an OpenPGP Smartcard) where one person has access to the token and the second person knows the PIN? Anyhow just to clarify: - You only want to have the second passphrase applied on the export. But don't want to need to enter two passphrases every time you use a key? --> In this case I would suggest to symmetrically encrypt the export with a second passphrase. So you would need both when the key should be imported somewhere. We cannot really implement technical "export" restrictions (without a hardware token where export is impossible by design) because to use the key we need to be able to unlock it and you can always just copy the encrypted key material from the local storage. -- You are receiving this mail because: You are on the CC list for the bug.
