offline primary keys
Ximin Luo
infinity0 at pwned.gg
Wed Sep 24 12:05:21 CEST 2014
On 24/09/14 08:20, Werner Koch wrote:
>> As for Ximin's goals: I think the transition process could look like this:
>>
>> 0) add a signing-capable subkey
>> 1) remove signing-capability from primary key
>> 2) move primary key offline
>
> IMHO this is worthless. If this would go mainstream, malware will
> adjust for this scenario immediately. You need to create the high-value
> primary key on a dedicated offline device.
>
No, it's not worthless unless you think all machines are infected all the time.
X
--
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140924/9689d644/attachment.sig>
More information about the Gnupg-devel
mailing list