[Kmymoney-devel] Feedback
Thomas Baumgart
thb at net-bembel.de
Wed Jan 9 15:38:39 UTC 2013
Hi all,
On Wednesday 09 January 2013 13:39:58 Allan wrote:
[...]
> So that I am clear(er) now, do I take it that the user should have his
> file encrypted with the emergency key before the emergency actually
> occurs, but that this is not mandatory? Otherwise, should the user lose
> his key, then he is sunk.
Yes! Exactly.
> If so, then isn't that a bit risky. Would
> there be some penalty in having that built in?
Well, this is somewhat a security issue. In case people encrypt their data
using their own *and* the emergency key, they trust themselves and those who
keep (have access to) the private part of the emergency key. I want to keep
this trust as an opt-in choice for those who understand GPG. The GPG sites and
documentations are full of warnings about the loss of the private key.
On the technical side of things, the public emergency key must be part of the
GPG keyring and I don't want to add it to the users keyring automatically.
What if someone corrupts the key or its ID in the KMyMoney
source/package/binary and the user installs a completely different key? I want
the user to see what he is doing by obtaining the key manually from a key
server and check its trustworthyness before he adds it to his keyring for
usage.
--
Regards
Thomas Baumgart
GPG-FP: E55E D592 F45F 116B 8429 4F99 9C59 DB40 B75D D3BA
-------------------------------------------------------------
A crash turns an expensive computer into a simple stone!
-------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 225 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kmymoney-devel/attachments/20130109/1a2c18a4/attachment-0001.sig>
More information about the KMyMoney-devel
mailing list