gpg --list-sigs (root for other users)
Neil Williams
linux at codehelp.co.uk
Tue Mar 9 19:23:59 CET 2004
On Tue, Mar 09, 2004 at 06:04:53PM +0100, Mark Kirchner wrote:
> Hi,
>
> On Sunday, March 7, 2004, 9:14:54 AM, Neil wrote:
> > [Keep the secring.gpg on a USB stick etc.]
> >
> I know, I know, it _is_ (somewhat) safer to do it this way. The evil
> admin has to jump through a few more hoops to get your key. But in the
> end, it's just security by obscurity and might make you feel a lot
> safer than it really is. IMHO at least.
A targeted attack is always more of a problem. If someone really is out
to get you, there will be a way to compromise the key.
> So, ever done that USB stick thing? In this case, you should consider
No. :-))
I never would, it was just a possible solution for someone else's
problem. I agree it isn't a whole lot better but it was the best I could
come up with at the time.
As the manual says, it depends on your level of paranoia.
> your key "hopelessly compromised" and it "MUST be revoked". *smile*
Agreed. Thankfully, I'd never take such a risk with my secret key.
--
Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20040309/e0de0823/attachment.bin
More information about the Gnupg-users
mailing list