On 21/11/16 15:20, Carola Grunwald wrote: > As for each single decryption task only a defined passphrase is > allowed to be used it's essential to have caching, which implicates > the risk of unauthorized passphrase usage, strictly deactivated.
Why do you lump these users together? At a first glance it seems more logical that they have separate system accounts, or at the least separate GnuPG homedirs (and hence agents). They shouldn't even have access to the encrypted private key in the first place. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
