multiple subkeys and key transition

Ben McGinnes ben at adversary.org
Thu Dec 9 19:07:10 CET 2010


On 10/12/10 4:38 AM, Hauke Laging wrote:
> Am Donnerstag 09 Dezember 2010 18:18:00 schrieb Ben McGinnes:
> 
>> And you're basing that assessment on what?
>>
>> I know where all the physical media containing a copy of my secret
>> key(s) are and I control all the hardware that can access them.
> 
> And this hardware is always offline with no complex applications
> running? 

Effectively.  The server is always on, but my secret keyring is not
installed on the server.  The only active system with the secret
keyring is only running when I am in front of it.

> There are scenarios in which controlling the hardware is enough. But
> they are very rare. Probably somebody with such a scenario had said
> something different from "based on security".

Well, I suppose there's the threat of people kicking in the door, but
if that kind of situation were to become a possibility (again), my
concerns wouldn't pertain to my email and/or files, my concerns would
be more in the nature of defending life and limb.


Regards,
Ben

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20101210/5d67d394/attachment.pgp>


More information about the Gnupg-users mailing list