[Kmymoney-devel] Feedback

Thomas Baumgart thb at net-bembel.de
Wed Jan 9 15:38:39 UTC 2013

Hi all,

On Wednesday 09 January 2013 13:39:58 Allan wrote:


> So that I am clear(er) now, do I take it that the user should have his
> file encrypted with the emergency key before the emergency actually
> occurs, but that this is not mandatory?  Otherwise, should the user lose
> his key, then he is sunk.

Yes! Exactly.

> If so, then isn't that a bit risky.  Would
> there be some penalty in having that built in?

Well, this is somewhat a security issue. In case people encrypt their data 
using their own *and* the emergency key, they trust themselves and those who 
keep (have access to) the private part of the emergency key. I want to keep 
this trust as an opt-in choice for those who understand GPG. The GPG sites and 
documentations are full of warnings about the loss of the private key.

On the technical side of things, the public emergency key must be part of the 
GPG keyring and I don't want to add it to the users keyring automatically. 
What if someone corrupts the key or its ID in the KMyMoney 
source/package/binary and the user installs a completely different key? I want 
the user to see what he is doing by obtaining the key manually from a key 
server and check its trustworthyness before he adds it to his keyring for 



Thomas Baumgart

GPG-FP: E55E D592 F45F 116B 8429   4F99 9C59 DB40 B75D D3BA
A crash turns an expensive computer into a simple stone!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 225 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kmymoney-devel/attachments/20130109/1a2c18a4/attachment-0001.sig>

More information about the KMyMoney-devel mailing list