[Bug 269403] Re: Seahorse doesn't warn the user when a private key is exported
** Changed in: seahorse Status: New => Expired -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/269403 Title: Seahorse doesn't warn the user when a private key is exported To manage notifications about this bug go to: https://bugs.launchpad.net/seahorse/+bug/269403/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 269403] Re: Seahorse doesn't warn the user when a private key is exported
** Changed in: seahorse Importance: Unknown = Wishlist -- Seahorse doesn't warn the user when a private key is exported https://bugs.launchpad.net/bugs/269403 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 269403] Re: Seahorse doesn't warn the user when a private key is exported
Why is this option/action offered to the user at all? seems useles and dangerous From gpg man page: --export-secret-keys --export-secret-subkeys Same as --export, but exports the secret keys instead. This is normally not very useful and a security risk. The second form of the command has the special property to render the secret part of the primary key useless; this is a GNU extension to OpenPGP and other implementations can not be expected to successfully import such a key. See the option --simple-sk-checksum if you want to import such an exported key with an older OpenPGP implementation. -- Seahorse doesn't warn the user when a private key is exported https://bugs.launchpad.net/bugs/269403 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 269403] Re: Seahorse doesn't warn the user when a private key is exported
Upstream comment: Comment #1 from Stef Walter (seahorse developer, points: 20) 2008-09-13 14:09 UTC [reply] The file is still encrypted with the private key's password. I don't think there's any more danger than the file sitting on their computer. -- Seahorse doesn't warn the user when a private key is exported https://bugs.launchpad.net/bugs/269403 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 269403] Re: Seahorse doesn't warn the user when a private key is exported
Agreed. Though one could argument that someone who uses gpg knows the importance of keeping the private key secret, a warning isn't the worst thing to do. I reported this issue upstream, you can track the status and make comments here: http://bugzilla.gnome.org/show_bug.cgi?id=551962 ** Changed in: seahorse (Ubuntu) Importance: Undecided = Wishlist Assignee: (unassigned) = Ubuntu Desktop Bugs (desktop-bugs) Status: New = Triaged ** Also affects: seahorse via http://bugzilla.gnome.org/show_bug.cgi?id=551962 Importance: Unknown Status: Unknown -- Seahorse doesn't warn the user when a private key is exported https://bugs.launchpad.net/bugs/269403 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 269403] Re: Seahorse doesn't warn the user when a private key is exported
** Changed in: seahorse Status: Unknown = New -- Seahorse doesn't warn the user when a private key is exported https://bugs.launchpad.net/bugs/269403 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs