Extra key best solution for very insecure locations?
David Shaw
dshaw at jabberwocky.com
Mon May 7 15:11:06 CEST 2007
On Mon, May 07, 2007 at 04:27:55PM +0800, Jim Berland wrote:
> Hello everybody,
>
> I'm trying to find the best solution for using GPG on a USB drive
> while travelling.
>
> I read the FAQ about subkeys which suggests to only use subkeys on
> insecure computers. As far as I understand this, though, anybody who
> got hold of my private subkeys would still be able to read all my
> previous mails. The document was obviously written with workplace
> computers and such in mind, rather than heavily infected Windows PCs
> in internet cafes.
>
> Is there a possibility to have an additional encryption subkey, that
> is not used until explicitly asked for by the user? That way I could
> ask people to encrypt to that subkey only while I'm on the road.
This is certainly possible. The catch is that I suspect you'll find
that people don't know how or aren't able to encrypt to a particular
subkey some of the time, and a different subkey the rest of the time.
GnuPG does, but not all OpenPGP programs have the ability to pick
which subkey to encrypt to.
David
More information about the Gnupg-users
mailing list