Extra key best solution for very insecure locations?

David Shaw dshaw at jabberwocky.com
Mon May 7 15:11:06 CEST 2007

On Mon, May 07, 2007 at 04:27:55PM +0800, Jim Berland wrote:
> Hello everybody,
> I'm trying to find the best solution for using GPG on a USB drive
> while travelling.
> I read the FAQ about subkeys which suggests to only use subkeys on
> insecure computers. As far as I understand this, though, anybody who
> got hold of my private subkeys would still be able to read all my
> previous mails. The document was obviously written with workplace
> computers and such in mind, rather than heavily infected Windows PCs
> in internet cafes.
> Is there a possibility to have an additional encryption subkey, that
> is not used until explicitly asked for by the user? That way I could
> ask people to encrypt to that subkey only while I'm on the road.

This is certainly possible.  The catch is that I suspect you'll find
that people don't know how or aren't able to encrypt to a particular
subkey some of the time, and a different subkey the rest of the time.

GnuPG does, but not all OpenPGP programs have the ability to pick
which subkey to encrypt to.


More information about the Gnupg-users mailing list