Hi, This does not yet exist, I've been doing most of the work on key > generation. I'm hoping to get s2k/password option working soon. > > There is an outstanding issue with key generation where the keys generated > don't seem to work well with gpg. I haven't been able to figure this out > yet, unfortunately... I've also been unable to post to gnpupg-developers > list to see if they would have guidance. >
Ok, good to know. I'll just just have to do without it for the moment. This means that the user will have the manage his private key himself for now. Although this is definitely the right way to go in terms of security, I was also thinking about offering the user an option to let PGPbox manage his passphrase protected private key for him. The idea behind this, is that it could make it easier for nontechnical users, as they will only have to remember a password and not carry their private key around on a usb stick. This may also come in handy in when trying to fetch encrypted files from pgpbox on your phone. But I'm not exactly sure yet if this would just promote insecure behaviour. I'm thinking it's at least more secure than accessing your files from dropbox on your phone, and like I said this would only be an option not the default. What do you guys think? Tankred
_______________________________________________ http://openpgpjs.org
