PuTTY wish pageant-deferred-decrypt

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Changes | Wishlist

summary: Deferred key decryption in Pageant
class: wish: This is a request for an enhancement.
difficulty: tricky: Needs many tuits.
depends: pageant-named-pipe
priority: medium: This should be fixed one day.

It would be nice if Pageant could support a mode in which it examines a public key file at startup and immediately starts advertising the key to clients, but doesn't actually decrypt the key (hence, does not prompt for a passphrase either) until the first time it's called on to actually generate a signature. Then it would decrypt the key and load it properly.

On Windows, this almost certainly depends on pageant-named-pipe. Also, depending on whether it turns out to be feasible to separate the GUI and agent-request message queues (see discussion in the linked issue), we might have no option but to present not-yet-decrypted keys only to clients using named-pipe IPC, and pretend to old-style WM_COPYDATA clients that those keys aren't loaded at all.


If you want to comment on this web site, see the Feedback page.
Audit trail for this wish.
(last revision of this bug record was at 2015-05-18 12:33:58 +0100)