Re: PGP scripting...

From: Valdis.Kletnieksat_private
Date: Tue Jan 07 2003 - 20:17:07 PST

  • Next message: Valdis.Kletnieksat_private: "Re: PGP scripting..."

    On Tue, 07 Jan 2003 20:19:42 CST, Frank Knobbe said:
    
    > Assuming a PGP encryption to itself is performed, then I agree. But
    > shouldn't it be possible to encrypt to a key which does not reside on
    > the encrypting computer? Once could leave only the recipients public key
    > and the batch process' private on this system and encrypt to the
    > recipient, then move the data out. At this point the data can not be
    > decrypted since we don't have the recipients secret key. Not having the
    > process' public key will prevent the encryption-to-self issue.
    > 
    > The data at its other location can then be decrypted with the recipients
    > secret keys and the encrypting process' public key.
    
    Technically, you're correct - but your solution doesn't actually fix things...
    
    Unfortunately, you've just pushed the problem around - you now have your
    data in a file that you need to copy to another system and decrypt in order
    to actually DO anything with it.  So you still have the private-key problem,
    just on a different server.
    
    /Valdis
    
    
    
    



    This archive was generated by hypermail 2b30 : Wed Jan 08 2003 - 10:16:09 PST