offline primary keys

Ximin Luo infinity0 at
Wed Sep 24 12:47:26 CEST 2014

On 24/09/14 08:20, Werner Koch wrote:
>> fwiw, there is security to be gained just from moving the master key to
>> a USB stick without any screen or keyboard -- just having the key be
>> inaccessible when the USB stick is unplugged defends against one whole
> You assume that the machine is clean and not compromised.  Well, then
> you can just keep the key on the disk.  After all it is passphrase
> protected and thus not useful unless the machine is compromised.
> [..]
>> As for Ximin's goals: I think the transition process could look like this:
>>  0) add a signing-capable subkey
>>  1) remove signing-capability from primary key
>>  2) move primary key offline
> IMHO this is worthless.  If this would go mainstream, malware will
> adjust for this scenario immediately.  You need to create the high-value
> primary key on a dedicated offline device.

To expand on my last email: you are missing time periods from your logic.

It's safer to assume "my machine wasn't compromised for the past 2 years" than to assume both this *and* "my machine won't be compromised for the next 10 years". So there is still security value in moving your master key offline ASAP, even if you generated it on an online computer.

In terms of a mass transition, of course it's most secure if everyone generated new keys on an airgapped machine. I'm not sure about the uptake on that. The proposed transition is still useful however, since it can be automated so it reduces the user's cost in moving their master key offline.

IMO it is quite reasonable to trade the cost of re-establishing your WoT, for the assumption that your machine wasn't compromised in the past few years.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140924/94bece18/attachment.sig>

More information about the Gnupg-devel mailing list