<<< Date Index >>>     <<< Thread Index >>>

Re: PGP timeout patch



> If I understand the explanation of the patch, it sounds like it
> violates the point of having the pgp/gpg password expire which is
> that the mutt user must provide the password to limit the damage
> done if someone else gains access to the mutt session.  Extending
> the cache time of the password allows more spoofed e-mails.

While this might be true, the trade-off is that I can now set a much
lower timeout value.  I used to have a timeout value of 15 minutes
because I got tired of entering my passsphrase so often.  Now my
timeout is set to 60 seconds.  By my reckoning, this substantially
reduces the likelihood of someone gaining access to my mutt session.

Ben

Attachment: pgpB7FuauFNee.pgp
Description: PGP signature