Page MenuHome GnuPG
Create Task
Maniphest T5083

usecase for --detach-sign as the default signature creation method
Open, NormalPublic
Actions

Description

Hello all,

Thank you for gpg2!

I have the following usecase:

  1. encrypt file.txt to file.txt.gpg
  2. sign file.txt to file.txt.sig
  3. upload file.txt.gpg and file.txt.sig to UNSECURE CLOUD

Now I have the possibility to --decrypt file.txt.sig from the unsecure cloud environment!

I propose to change the default in step 2) to a --detach --sign and possibly create a new --attach --sign as the optional feature!

Otherwise it is easily possible to compromise file.txt with distributing the created signature!

Thanks for considering!

Ciao
Gerrit

Details

Version
2.2.19

Event Timeline

leder renamed this task from usecase for --detach --sign as the default signature creation to usecase for --detach --sign as the default signature creation method.Sep 25 2020, 9:34 AM
leder created this task.
werner added a subscriber: werner.Sep 25 2020, 10:03 AM

I am sorry, but I do not understand your request. Please give real commands as examples.
You known that you can always use --output FILENAME to force a certain file name?

werner triaged this task as Normal priority.Oct 1 2020, 3:01 PM
werner added a project: Info Needed.
leder added a comment.Oct 3 2020, 7:26 PM

T5083.txt2 KBDownload

Hello Werner,

thank you for your info on the output FILENAME: I have recorded an example session w/ the last line being the proposed:

  • --attach-sign command
  • --sign command being obsolete

Please have a look and tell me your opinion!

Ciao
Gerrit

leder renamed this task from usecase for --detach --sign as the default signature creation method to usecase for --detach-sign as the default signature creation method.Oct 3 2020, 7:31 PM
Jab added a commit: rGb08418d22cc8: gpg: Fix ugly error message for an unknown symkey algorithm..Jan 27 2021, 11:55 AM
aheinecke removed a commit: rGb08418d22cc8: gpg: Fix ugly error message for an unknown symkey algorithm..Jan 27 2021, 12:21 PM
leder added a comment.Jan 27 2021, 12:44 PM

provided Info by comment from 20201003: please remove Tag "Info needed (Backlog)"!

thesamesam added a subscriber: thesamesam.Sep 1 2023, 5:30 AM