Re: CVS commit: src/crypto/external/bsd/netpgp/dist

[Alistair Crooks <agc%pkgsrc.org@localhost>]

On Mon, May 11, 2009 at 12:11:03PM +1000, Daniel Carosone wrote:
> On Mon, May 11, 2009 at 02:55:03AM +0100, Alistair Crooks wrote:
> > On Mon, May 11, 2009 at 11:09:40AM +1000, Daniel Carosone wrote:
> > > On Sat, May 09, 2009 at 03:46:28AM +0100, Alistair Crooks wrote:
> > > 
> > > > [...] since there's no way of changing a PGP passphrase
> > > > short of generating a new key.
> > > 
> > > Huh?  Sure, you have a need to deal with keyring copies from before
> > > the change, maybe with some more rm -P and its limtations, but
> > > otherwise, I don't understand this.  
> > 
> > Sorry, I must be missing something then (perfectly possible, now I'm
> > old and grey) - how do you change the passphrase on a PGP key?
> 
> For gpg, the passwd sub-command under edit-key.  For other
> implementations, special sigils created by waving the magic
> wand^Wpointer.  
> 
> If the corresponding feature is missing from this implementation,
> that's a deficiency, but not a limitation of the format.  Someone
> might implement the feature, or you might combine tools since the
> keyring format is standardised and (I hope) therefore the tools are
> interoperable.   

Cool, thanks, that's exactly the information I was looking for.

I'll look into providing that somehow (I've been of the opinion that
we need one binary for key management, and one binary for
signing/verification and encrypting/decrypting for a while now - it's
the way that the old nbpg SoC project was going too), and that
definitely gives me an incentive to do that kind of split.

Thanks once again,
Al