[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

taming the wild pgp





i'm having a problem with pgp.  i want to use it in my remailer
to decrypt incoming encrypted remail requests.  the problem is this:
someone could send in a keyfile instead of an encrypted text.
according to the pgp manual,

If you want to specify a particular key ring file name, but want to
see all the keys in it, try this alternative approach:

    pgp keyfile

With no command options specified, PGP lists all the keys in
keyfile.pgp, and also attempts to add them to your key ring if they
are not already on your key ring.

this is bad because that's also the command used to decrypt
a file.  how can i make sure that the only thing pgp will attempt
to do is decrypt a file, and it will never take keys from
the input file and add them to any keyring?

e