Don't store your key on a flash drive!

vedaal at vedaal at
Mon Aug 21 20:11:16 CEST 2006

>Date: Sat, 19 Aug 2006 21:17:58 -0400
>From: David Shaw <dshaw at>
>Subject: Re: Don't store your key on a flash drive! [was Re: GnuPG
>	(GPG)	Problem]


>> there's nothing inherently dumb about putting a private key on a 

>> dongle as long as the passphrase is sufficiently strong.
>This is quite correct and frequently misunderstood.  After all, 
>secret key encryption is essentially the same symmetric encryption
>that is used to encrypt messages.  If you're trusting it to 
>your messages, you probably should trust it to protect your key as

if the secret key was generated before the fix of the 
* quick-check * problem of PGP symmetric encryption,

then does the passphrase need to be changed with a newer version of 
or did this only apply to symmetric encryption of messages,
and not symmetric encryption of the secret key?



Concerned about your privacy? Instantly send FREE secure email, no account required

Get the best prices on SSL certificates from Hushmail

More information about the Gnupg-users mailing list