huge keyrings (was: id matching)

sen_ml at eccosys.com sen_ml at eccosys.com
Mon Nov 9 10:27:20 CET 1998


At around Sun, 08 Nov 1998 19:42:53 +0100,
 walterk at dip.de (Walter Koch) may have mentioned:

> Moin, 
> 
> Am / On 02 Nov 1998 21:14:54 -0800, Brian Warner <warner at lothar.com>
> wrote:
> 
> >I've been pondering other (read "more secure") ways to store and
> >retrieve the secret key material. One thing that might help open up more
> >mechanisms would be to add a hook to get secret keyring data by running a
> >program and simply gathering stdout. You could pass the keyid to the program
> >and it would return a (possibly armored) private keyblock. GPG uses the data
> >and then throws it out. I'm thinking of something like a Pilot attached to a
> >serial port, and then the program in question would send a request for the key
> >to the pilot, which would just dump some text back through the serial port.
> 
> Good idea to keep the secretkey in a box with you. Palm Pilot is
> widely spread. And someday the pilot can speak to every computer via
> IrDA. 
> But i do not want to transmit my secret keys to any computer i work
> with. Maybe his OS is tampered with a trojan or sth.
> So the solution would be a gnupg for pilot. AFAIK there is a gcc for
> pilot. This would be a little slow, but it would be very handy ...
> 
> comments?

need to be careful of 'syncing' your palm device as that may end up
depositing secret key information on a networked computer (or even
non-networked computer which isn't guarded most/all of the time).

i don't suppose there is any hardware/software support in the palm
device for 'protecting' data from being synced?  (but then, what if
the data on your pilot gets wiped? -- there should be a backup on
some other media in a safe somewhere? -- and, do you trust potential
syncing protection mechanisms that may end up being non-open-source?)




More information about the Gnupg-devel mailing list