On Wed, 2005-08-10 at 14:18 -0700, [EMAIL PROTECTED] wrote:
> when adding a new userid, gnupg understandably requires a
> passphrase,
>
> why doesn't gnupg require a passphrase when deleting a uid ?
>
> (granted, if someone found my secring.gpg, this would be my least
> worry ;-)
>
> but, in principle,
> shouldn't all key editing functions require a passphrase ?

The point of a passphrase is not to ensure data integrity. If someone has sufficient access to your system, that person could delete your entire secret keyring (and all of your uids) no matter how gpg implemented passphrases. secring.gpg is just a file and it can be rm'd.

Adding a uid requires a passphrase because the new uid needs to be signed, and that requires your secret key. Deleting a uid just means, more or less, chopping a block of bytes out of secring.gpg. The passphrase protects your secret key from being used by other people.

hth,
Eric

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
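
The reply's point that deleting a uid is a byte-level edit, shown as an added example (not part of the original thread and not GnuPG's own code): a keyring is a sequence of OpenPGP packets, so a User ID packet and its trailing signature packets can be dropped without ever reading the secret key material. It assumes RFC 4880 packet framing; `parse_packets`, `delete_uid`, `old_packet` and `SAMPLE` are hypothetical names, and the key and signature bodies are constructed dummy bytes.

```python
# Added illustration: RFC 4880 packet framing; key/signature bodies are constructed dummy bytes.
TAG_SIGNATURE, TAG_SECRET_KEY, TAG_USER_ID = 2, 5, 13
def parse_packets(data):
    """Split an OpenPGP byte stream into (tag, raw_packet, body) tuples."""
    pos, out = 0, []
    while pos < len(data):
        start, hdr = pos, data[pos]
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                      # new-format header: tag in low 6 bits
            tag, first = hdr & 0x3F, data[pos + 1]
            if first < 192:
                length, pos = first, pos + 2
            elif first < 224:
                length, pos = ((first - 192) << 8) + data[pos + 2] + 192, pos + 3
            elif first == 255:
                length, pos = int.from_bytes(data[pos + 2:pos + 6], "big"), pos + 6
            else:
                raise ValueError("partial body lengths not handled")
        else:                               # old-format header: tag in bits 5-2
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            n = 1 << ltype                  # 1, 2 or 4 length octets
            length, pos = int.from_bytes(data[pos + 1:pos + 1 + n], "big"), pos + 1 + n
        if pos + length > len(data):
            raise ValueError("truncated packet")
        out.append((tag, data[start:pos + length], data[pos:pos + length]))
        pos += length
    return out

def delete_uid(data, uid):
    """Drop one User ID packet and the signature packets that follow it."""
    kept, skipping = [], False
    for tag, raw, body in parse_packets(data):
        if tag == TAG_USER_ID:
            skipping = (body == uid.encode())
        elif tag != TAG_SIGNATURE:
            skipping = False                # any other packet ends the uid's block
        if not skipping:
            kept.append(raw)                # copied byte-for-byte, never decrypted
    return b"".join(kept)

def old_packet(tag, body):
    """Build an old-format packet with a one-octet length (sample data only)."""
    return bytes([0x80 | (tag << 2), len(body)]) + body

SAMPLE = (old_packet(TAG_SECRET_KEY, b"\x00" * 16)
          + old_packet(TAG_USER_ID, b"Alice <alice@example.org>") + old_packet(TAG_SIGNATURE, b"\x01" * 8)
          + old_packet(TAG_USER_ID, b"Alice <alice@work.example>") + old_packet(TAG_SIGNATURE, b"\x02" * 8))
```

Adding a uid has no equivalent of `delete_uid`: the new User ID packet needs a fresh signature packet, which only the unlocked secret key can produce.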