On Mon, May 11, 2009 at 12:11:03PM +1000, Daniel Carosone wrote: > On Mon, May 11, 2009 at 02:55:03AM +0100, Alistair Crooks wrote: > > On Mon, May 11, 2009 at 11:09:40AM +1000, Daniel Carosone wrote: > > > On Sat, May 09, 2009 at 03:46:28AM +0100, Alistair Crooks wrote: > > > > > > > [...] since there's no way of changing a PGP passphrase > > > > short of generating a new key. > > > > > > Huh? Sure, you have a need to deal with keyring copies from before > > > the change, maybe with some more rm -P and its limtations, but > > > otherwise, I don't understand this. > > > > Sorry, I must be missing something then (perfectly possible, now I'm > > old and grey) - how do you change the passphrase on a PGP key? > > For gpg, the passwd sub-command under edit-key. For other > implementations, special sigils created by waving the magic > wand^Wpointer. > > If the corresponding feature is missing from this implementation, > that's a deficiency, but not a limitation of the format. Someone > might implement the feature, or you might combine tools since the > keyring format is standardised and (I hope) therefore the tools are > interoperable.
Cool, thanks, that's exactly the information I was looking for. I'll look into providing that somehow (I've been of the opinion that we need one binary for key management, and one binary for signing/verification and encrypting/decrypting for a while now - it's the way that the old nbpg SoC project was going too), and that definitely gives me an incentive to do that kind of split. Thanks once again, Al
