what are the sub keys

Grant Olson kgo at grant-olson.net
Tue Mar 22 23:47:49 CET 2011

On 03/22/2011 06:37 PM, Jerome Baum wrote:
> So, I move  my key to a smart  card to gain the illusion  that it's more
> secure, while it practically isn't (at least not much more).

Why wouldn't it be more secure?  Before my key was encrypted but
available on disk, and available unencrypted in system memory.  Now it's
on a specialized smart-card, completely inaccessible to the OS.

History of my key.

1) Normal key for a few months.

2) Moved the primary key offline, only used subkeys on networked
computers, and did that for a few more months.

3) Moved the subkeys to a dedicated smart card.

Sure, I can't guarantee that the NSA or a Chinese Hacker didn't
compromise my keys a year ago, but I'm still much more secure now than I
was then.


"Look around! Can you construct some sort of rudimentary lathe?"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 564 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110322/139d9f3a/attachment.pgp>

More information about the Gnupg-users mailing list