export secret-key

Adrian 'Dagurashibanipal' von Bidder avbidder@fortytwo.ch
Mon Jul 22 13:43:01 2002


--=-RXMlEGAlQ+spqtLRg6np
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Sun, 2002-07-21 at 16:16, Andreas Martin wrote:
> Hi all,
>=20
> I'm sure you already knew, but im Wondering whether it is intentional tha=
t=20
> anyone can export my secret key without giving the Mantra.
>=20
> In fact, my colleagues are capable to export my secret key while I'm on=20
> vacation. Worst case, my password for the Network-account has changed, a =
fact=20
> that is mostly ignored as a "strange behavior" of the Domain-Controller.
>=20
> And while my friends continue encrypting Mails with my public-key, my=20
> colleague cna spend a lot of time in cracking my Mantra - and I will not =
even=20
> notice anything !?!
>=20
> If there is any explanation, I would appreciate it if you could answer me=
 by=20
> CC, because I'm not subscribed to this mailing-list.

If somebody can access your workstation so that he could export your
private key, that means he has access to your filesystem. So preventing
anybody from exporting the private key would do nothing - he could still
get the secret key from the keyring (which is just a file on the
filesystem, after all)

cheers
-- vbi

--=20
secure email with gpg                         http://fortytwo.ch/gpg

--=-RXMlEGAlQ+spqtLRg6np
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQA9O/ACwj49sl5Lcx8RAnBtAJ98NoakmRUI0Jxi8mBlBNiPxIpQnwCgiR/2
tcSrM1XNrAk2+gvCf6yIRgA=
=SW/4
-----END PGP SIGNATURE-----

--=-RXMlEGAlQ+spqtLRg6np--