In order for the module to be able to get the encrypted data back, either
1) the RSA key must not have a password, or
2) the script must have the RSA key's password built into it, or
3) the script will have to prompt the user for a password
Numbers 1 and 2 are insecure. Number 3 is hassle.

Why do you use public-key cryptography for this? It seems like conventional cryptography would work just as well. Better, in fact. Since other people have access to my public key, they could use it to encode some malicious perl code, and Data::Encrypted will happily feed it to eval.

In reply to Re: RFC Data::Encrypted by no_slogan
in thread RFC Data::Encrypted by amackey

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.