Hacker News new | ask | show | jobs
by stormbrew 2097 days ago
I use pass and I would switch in a heartbeat to a fork of it that used ssh keys or something similar instead of gpg. For something so amazingly simple and useful, its dependence on the klunky mess that is gpg key management is an anchor that weighs it down.
1 comments
somedude11 2097 days ago
Key management is a burden in every cryptosystem. I'm using KeePass and can recommend it, it works well.
link
wglb 2097 days ago
Would you know if it failed?
link
somedude11 2095 days ago
If it would "fail" and there would be no consequences so I could't tell if it failed or not - would it make a difference?
link
wglb 2094 days ago
If the failure were discovered by you a year later, realizing that all you thought was protected was in an adversary's hands.

I'm suggesting that "seems fine so far" is not effective at evaluating solidity of cryptographical usage.

link