On Tue, 07 Jan 2003 20:19:42 CST, Frank Knobbe said: > Assuming a PGP encryption to itself is performed, then I agree. But > shouldn't it be possible to encrypt to a key which does not reside on > the encrypting computer? Once could leave only the recipients public key > and the batch process' private on this system and encrypt to the > recipient, then move the data out. At this point the data can not be > decrypted since we don't have the recipients secret key. Not having the > process' public key will prevent the encryption-to-self issue. > > The data at its other location can then be decrypted with the recipients > secret keys and the encrypting process' public key. Technically, you're correct - but your solution doesn't actually fix things... Unfortunately, you've just pushed the problem around - you now have your data in a file that you need to copy to another system and decrypt in order to actually DO anything with it. So you still have the private-key problem, just on a different server. /Valdis
This archive was generated by hypermail 2b30 : Wed Jan 08 2003 - 10:16:09 PST