bug-anubis
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug-anubis] General Security Question


From: Timo Meinen
Subject: [bug-anubis] General Security Question
Date: Thu, 17 Nov 2005 00:22:31 +0100
User-agent: Opera M2/8.50 (Linux, build 1358)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear developers and users of Anubis,

I successfully installed Anubis and it signs every outgoing mail of me (like you can see at the end of this mail :-) with my GPG key.

But I have a general security question. Perhaps I didn't understand the system correctly or perhaps I am using a wrong configuration, so please explain the following to me:

GPG provides a mechanism to be absolutly sure, that a signed message was written by the person who has the corresoponding key. To secure the private key it is normally enrypted with a passphrase, which only the one identity should know.

Using Anubis, I am supposed to write my passphrase in a database on the Anubis-computer. And in this database it is written in plaintext. So, at least the root user of this system is able to read all the GPG passphrases of the users using this Anubis installation. I would prefer to keep the GPG passphrase only in my mind and not in plaintext on any server.

The second problem I see is, that a person who is able to log into the Anubis SMTP Relay, may write messages and let Anubis sign it with MY key.

Is there another possibility to let Anubs sign my messages but without saving my passphrase on the server?

Thank you for your answers
Timo Meinen
address@hidden

- --
Gl├╝ck Auf
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQFDe6o9eh8+Xr6H+wkRAt6EAJ9/qu+KSQnstFMtsqcicuXV31jjoQCfTA/s
M99ruL6drGf/tGea59x0YBs=
=svnT
-----END PGP SIGNATURE-----




reply via email to

[Prev in Thread] Current Thread [Next in Thread]