Storing secrets on other people's computers
papillion at gmail.com
Fri May 6 00:45:18 CEST 2011
Does having possession of your secret key really make you less secure?
I mean the whole purpose of a passphrase is because you assume your
secret key is *not* safe simply being unprotected in your possession.
Law enforcement, hackers, even friends could *easily* get physical
access to your key so it's the passphrase that's of value.
I've actually thought about posting my key to Bittorrent in case I
ever lost it. It's economical and just as secure as sitting on my pc.
As long as you have a good passphrase, having physical possession of
your key gives an attacker no real advantage.
On 5/5/11, Jerome Baum <jerome at jeromebaum.com> wrote:
> On Thu, May 5, 2011 at 15:15, Daniel Kahn Gillmor
> <dkg at fifthhorseman.net>wrote:
>> PS If Robert follows through on this, he certainly wouldn't be the only
>> person to publish his secret key. Search for "BEGIN PGP PRIVATE KEY
>> BLOCK" in your favorite search engine.
> I do wonder how many of those are to make past signatures deniable, and how
> many can be accounted to "I feel that my pass-phrase is safe".
> For the latter, I don't get it -- it's not like keeping the key secret takes
> a lot of effort -- but it does decrease your security ever so slightly.
> Besides proving a point, why would you publish?
> Jerome Baum
> tel +49-1578-8434336
> email jerome at jeromebaum.com
> PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
> PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
Sent from my mobile device
Lead Developer / Owner
Get real about your software/web development and IT Services
My Blog: http://www.cajuntechie.com
More information about the Gnupg-users