You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
According to the document from GPG tools, setting GNUPGHOME
can create a separated environment, e.g. socket file path between gpg and gpg-agent.
Currently, this extension communicated with the gpg-agent,
perform a dummy signing operation with pinentry-loopback to force gpg-agent to cache the passphrase.
With GNUPGHOME, it seems possible to do some MITM operation,
so we can prompt user to provide passphrase when it's actually asked by gpg-agent.
vscode -> git -> gpg -redirect by GNUPGHOME-> agent by our extension -> actual agent
v
ask passphrase from user
Compare to current design, this mechanism need more initial setup and runtime process management.
But it would be a big improve if everything are done properly
The text was updated successfully, but these errors were encountered:
According to the document from GPG tools, setting
GNUPGHOMEcan create a separated environment, e.g. socket file path between
gpgandgpg-agent.Currently, this extension communicated with the
gpg-agent,perform a dummy signing operation with pinentry-loopback to force
gpg-agentto cache the passphrase.With
GNUPGHOME, it seems possible to do some MITM operation,so we can prompt user to provide passphrase when it's actually asked by
gpg-agent.Compare to current design, this mechanism need more initial setup and runtime process management.
But it would be a big improve if everything are done properly
The text was updated successfully, but these errors were encountered: