Re: Bug#466669: ITP: squirrelmail-gpg -- GnuPG plugin for SquirrelMail
On ke, 2008-02-20 at 01:56 -0800, Don Armstrong wrote:
> On Wed, 20 Feb 2008, Jan Hauke Rahm wrote:
> > * Decrypt on reading encrypted message
> > * Encrypt, Decrypt, and Sign Attachments
> > * Sign messages and verify signatures
>
> I really, really hope it's implementing in some incredibly novel way
> that doesn't involve having secret keys on the webserver (channeling
> Manoj) or *even* network accessible.
>
> Otherwise it's pretty much insta-buggy by design.
I can imagine ways in which this could be used safely. For instance, by
using it instead of mutt or alpine or some GUI software on a machine
which gets disconnected from the network while the GnuPG operations
happen.
That's not a very likely scenario.
A more likely scenario would be to use a low-security key on a web
server -- it's quite imperfect security, but if you understand the
risks, it's better than not using GnuPG. For example, it prevents
routine eavesdropping and requires the opponent to actually break into
the web server to get a copy of your key.
May I suggest that the package adds a big warning about the security
issues to the description, and README.Debian? Possibly even NEWS.Debian?
Reply to: