* Christopher Smith ([EMAIL PROTECTED]) [000330 02:09]:
> -you still need some authentication mechanism between gnupgd and
> applications, and this must somehow be fairly secure. I believe ssh2
> relies on process parent/child relationships to do
> authorization/authentication and I don't see this as reliable.
No!
Think like this:
Mutt wishes to store a password for later use, so it asks the user for the
passphrase, xor's it with a key, connects to gnupgd using a named pipe set
up by the admin of the box, hands the xored passphrase to gnupgd, and wipes it
from memory, then requests (over the same connection) a token it can use to
get the key back, which is passed down to mutt. This token will never be
passed over the cleartext link again, because a challenge response thing is
much more fun. Why you ask? Because this way you allow mutt to keep track of
how many times the passphrase has been read from gnupgd, and you can thus set
of all sorta of alarms and uglyness should there have been a read mutt didn't
want.
Just my $0.02.
Terje Elde
--
PGP @ http://www.elde.org 0xBC26460D 0xE16020ED
55BE 4633 6DAD 1CE6 0C58 544A F072 E02E BC26 460D
PGP signature
