gpg --list-sigs (root for other users)
linux at codehelp.co.uk
Tue Mar 9 19:23:59 CET 2004
On Tue, Mar 09, 2004 at 06:04:53PM +0100, Mark Kirchner wrote:
> On Sunday, March 7, 2004, 9:14:54 AM, Neil wrote:
> > [Keep the secring.gpg on a USB stick etc.]
> I know, I know, it _is_ (somewhat) safer to do it this way. The evil
> admin has to jump through a few more hoops to get your key. But in the
> end, it's just security by obscurity and might make you feel a lot
> safer than it really is. IMHO at least.
A targeted attack is always more of a problem. If someone really is out
to get you, there will be a way to compromise the key.
> So, ever done that USB stick thing? In this case, you should consider
I never would, it was just a possible solution for someone else's
problem. I agree it isn't a whole lot better but it was the best I could
come up with at the time.
As the manual says, it depends on your level of paranoia.
> your key "hopelessly compromised" and it "MUST be revoked". *smile*
Agreed. Thankfully, I'd never take such a risk with my secret key.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20040309/e0de0823/attachment.bin
More information about the Gnupg-users