[Enigmail] Telling Enigmail to remember passwords?

John Clizbe John at Mozilla-Enigmail.org
Tue Feb 17 03:14:48 PST 2009 

Michael J Gruber wrote:
> John W. Moore III venit, vidit, dixit 12.02.2009 12:12:
>> Michael J Gruber wrote:
>>> Also, you might want to look into using gpg-agent.
>> 
>> I disagree; unless One requires the 'features' of GPG2 then GPG Agent is
>> totally unnecessary!  Enigmail can/will cache the passphrase for  the
>> necessary amount of time.
>
> gpg-agent isn't really about making gpg2 features available, although it
> is part of gpg2 now.
> 
> The main point is that gpg-agent is small and well-audited. OTOH, having
> Enigmail cache the passphrase means having Thunderbird cache the
> passphrase. So, from a security perspective gpg-agent is the much better
> approach, rather than being "totally unnecessary". May I suggest you
> recheck whether your strong wording is really an appropriate match to my
> "Also, you might want to..."?
> 
> Besides, gpg-agent keeps the passphrase across restarts of TB and
> provides it to other clients as well, although this might not matter to
> the OP.


All of those are correct, Michael, BUT I thoroughly understand John's POV and I'll
add, as it was stated, I disagree. "Also, you might want to look into using
gpg-agent." lacks a key caveat: Also since you are running a Linux,..." would be
correct in this case.

There are a large number of Windows users on this list. There is no gpg-agent support
in GnuPG 1.4 on win32.

For Windows users, John is correct in stating that GnuPG 2.0 is required. In order to
get agent support on win32 requires GnuPG 2.0. gpg2 for win32 is so far only
available as part of gpg4win, which up until the present RC doesn't work on Vista and
there seem to be some issues with the entire package getting to a gpg4win 2.0 which
keep some of use from wholeheartedly recommending it.

My own use case for recommending GnuPG2.0 on win32 is to get gpg-agent support for
multiple keys with multiple passphrases. For a single key or multiple keys with null
or the same passphrase, Enigmail is sufficient.
-- 
John P. Clizbe                      Inet:John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net  or
     mailto:pgp-public-keys at gingerbear.net?subject=HELP

Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 677 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090217/31582bdd/attachment.bin>

More information about the Enigmail mailing list