Hi, I have a question regarding the keyring. When the user logs in for the frist time, a new keypair is generated and stored in the keyring:
var keys = openpgp.generate_key_pair(1, numBits, userId, passphrase); openpgp.keyring.importPrivateKey(keys.privateKeyArmored, passphrase); openpgp.keyring.importPublicKey(keys.publicKeyArmored); openpgp.keyring.store(); Does this mean the red peace of code mean that the user's passphrase is stored along with his private key in the HTML5 local storage? I'm not quite sure what the best practice is in terms of passphrase handling. Thanks Tankred
_______________________________________________ http://openpgpjs.org
