<<< Date Index >>>     <<< Thread Index >>>

Re: Forget PGP passphrase when launching editor?



* On Fri, Oct 29, 2004 Michael Kjorling (michael@xxxxxxxxxxxx) muttered:
> On 2004-10-29 00:03 +0200, mutt@xxxxxxxxxxxxxx wrote:
> >> ... forget my PGP passphrase when launching the editor?
> > 
> > Is there a possible security problem here?
> 
> Actually, yes. If the caching time is set long enough, and the user
> does not do <forget-passphrases>, someone could send a mail and sign
> it using the user's PGP key, thus effectively impersonating them (much
> more effectively than simply setting the From header).
> A simple boolean option ("editor_forgets_pass"?), defaulting to unset
> (the present behavior) probably wouldn't take much code, and would
> certainly help mitigate this potential problem.

I don't agree. Given that cashing the pass phrase might be a -
theoretical - security risk the only answer to that risk is not to
cache the pass phrase at all.
Why the editor? I usually enter my pass phrase _after_ leaving the editor
when I sign or encrypt the message. Or when reading an encrypted mail to
which I might not reply on the instant. (so again no editor) This is
totally by chance and does not contribute to being more secure.
If you think caching the pass phrase is a security risk don't cache it.
On the other hand you might have other problems then identity theft when
that someone is able to use your running mutt session.

Michael
-- 
... A booming voice says, "Wrong, cretin!", and you notice that you
have turned into a pile of dust.

GPG Key ID: 0xDC1A44DD