On 31/07/12 09:35, Werner Koch - w...@gnupg.org wrote:
> Why do you think gpg2 won't work or does any network access without user consent?

Correct me if I'm wrong, but it is unreasonable to expect anybody to successfully and safely use gpg without understanding the concepts and mastering the skills essential to the WOT: key signing, sub-keys, revocations etc. This makes the use of gpg (or even an early, "portable" pgp version (2.6.something IIRC?)) unfeasible.

As far as the network access is concerned, the best (the only?) way to ensure there is no compromising network access is to have a network-ignorant application program.

In this application I have a group of otherwise technically competent users that, however, have no need or interest to securely communicate or exchange data with anyone who is not a group member and has not been introduced to them by the group manager. (Please take the term "group manager" in the widest possible sense.) He can easily do all the necessary key management (distribution, verification, revocation...) functions in the course of his other (quite extensive, actually) group management tasks and activities.

Most users in this group have no single computer they operate on. Occasionally they must be able to create cipher-text on "drive-by" computers, not connected to the public network or where any network access is raising undesired attention. It is essential that the software requires no "installation" on the computer it is to be used on (i.e., it must be statically linked, with no external dependencies).

>> ... This file is encrypted with operator's public key...

> this probably will not be possible ...

Yes (clumsily worded in the OP). Obviously, operator's private key can't be "encrypted with itself" - it will have to be encrypted with a pass-phrase generated key, just as it is in gpg.

Peter M.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users