Hi all, On Wednesday 09 January 2013 13:39:58 Allan wrote:
[...] > So that I am clear(er) now, do I take it that the user should have his > file encrypted with the emergency key before the emergency actually > occurs, but that this is not mandatory? Otherwise, should the user lose > his key, then he is sunk. Yes! Exactly. > If so, then isn't that a bit risky. Would > there be some penalty in having that built in? Well, this is somewhat a security issue. In case people encrypt their data using their own *and* the emergency key, they trust themselves and those who keep (have access to) the private part of the emergency key. I want to keep this trust as an opt-in choice for those who understand GPG. The GPG sites and documentations are full of warnings about the loss of the private key. On the technical side of things, the public emergency key must be part of the GPG keyring and I don't want to add it to the users keyring automatically. What if someone corrupts the key or its ID in the KMyMoney source/package/binary and the user installs a completely different key? I want the user to see what he is doing by obtaining the key manually from a key server and check its trustworthyness before he adds it to his keyring for usage. -- Regards Thomas Baumgart GPG-FP: E55E D592 F45F 116B 8429 4F99 9C59 DB40 B75D D3BA ------------------------------------------------------------- A crash turns an expensive computer into a simple stone! -------------------------------------------------------------
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ KMyMoney-devel mailing list KMyMoney-devel@kde.org https://mail.kde.org/mailman/listinfo/kmymoney-devel
