On Thu, Aug 29, 2019, 05:25 Sylvia Gough <[email protected]> wrote:

> First, I'd like to thank Jason for all the amazing crypto work he's been
> doing.
>
> Now to my question. I'm considering using pass as my password manager, and
> security is obviously a top concern for this role. I know that pass is
> using GPG under the hood, and as far as I can see GPG doesn't get much love
> among cryptographers[1][2].
>


I'm going to assume "role" refers to a part you have in a larger
organization. If this is the case, I've found pgp a pain to try to
implement in a corporate environment (mainly due to lack of tracking, and
no ocsp or similar revocation mechanism). If this is the case, you may be
interested in making your hardware tokens pkcs8 (iirc - pkcs version of pgp
cards anyway) and using keycloak (redhat?) -> vault (hashicorp). The latter
should be adding pgp support too (which I want for fim and rpm signing)
which you /should/ be able to get to directly work with pass.

That said, I haven't gotten this all set up at home and am still happy with
pass for personal use.



_______________________________________________
Password-Store mailing list
[email protected]
https://lists.zx2c4.com/mailman/listinfo/password-store
