what are the sub keys

Jerome Baum jerome at jeromebaum.com
Wed Mar 23 00:38:39 CET 2011


Grant Olson <kgo at grant-olson.net> writes:

> On 03/22/2011 06:37 PM, Jerome Baum wrote:
>> 
>> So, I move  my key to a smart  card to gain the illusion  that it's more
>> secure, while it practically isn't (at least not much more).

> Why wouldn't it be more secure?  Before my key was encrypted but
> available on disk, and available unencrypted in system memory.  Now it's
> on a specialized smart-card, completely inaccessible to the OS.

"(at least not much more)" -- but agreed, much is a subjective this. I'm
just saying I think people will  have the illusion of "this is as secure
as  if I had  generated it  right on  the card"  -- we're  talking about
average Joe  who uses only  the defaults, doesn't  read up on  what they
mean, and has "heard somewhere" that smart cards are double plus good.

> Sure, I can't guarantee that the NSA or a Chinese Hacker didn't
> compromise my keys a year ago, but I'm still much more secure now than I
> was then.

Absolutely agreed. We were just talking past each other.

-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 880 bytes
Desc: not available
URL: </pipermail/attachments/20110322/e22039f5/attachment.pgp>


More information about the Gnupg-users mailing list