Key safety vs Backup : History of a bad day (key-restoration problem)

Robert J. Hansen rjh at sixdemonbag.org
Thu Nov 1 02:50:55 CET 2007


> Why not just pick a strong passphrase and mail a copy to all
> your email accounts? You would only need to worry about remembering
> the passphrase.

Doesn't help if I'm dead.

I have some encrypted traffic which my estate will need to read in the
event of my death.  So I can give my key and passphrase to my lawyer, I
can store a copy in a safe deposit box, I can... etc.

But all options involve leaving my key and passphrase under the control
of a single person.  A single person can make mistakes.  They can be
corrupted.  They can lose it.  They can... etc., etc.

Secret shares make it possible for me to give shares to people I trust
not to conspire against me, as opposed to people I trust to never make
typical human errors.  I am fortunate enough to have a fair number of
the former, but like most people, none of the latter.






More information about the Gnupg-users mailing list