Storing secrets on other people's computers

Anthony Papillion papillion at gmail.com
Fri May 6 00:45:18 CEST 2011


Does having possession of your secret key really make you less secure?
I mean the whole purpose of a passphrase is because you assume your
secret key is *not* safe simply being unprotected in your possession.
Law enforcement, hackers, even friends could *easily* get physical
access to your key so it's the passphrase that's of value.

I've actually thought about posting my key to BitTorrent in case I
ever lost it. It's economical and just as secure as sitting on my PC.
As long as you have a good passphrase, having physical possession of
your key gives an attacker no real advantage.

Anthony

On 5/5/11, Jerome Baum <jerome at jeromebaum.com> wrote:
> On Thu, May 5, 2011 at 15:15, Daniel Kahn Gillmor
> <dkg at fifthhorseman.net> wrote:
>
>> PS If Robert follows through on this, he certainly wouldn't be the only
>> person to publish his secret key.  Search for "BEGIN PGP PRIVATE KEY
>> BLOCK" in your favorite search engine.
>>
>
> I do wonder how many of those are to make past signatures deniable, and how
> many can be accounted to "I feel that my pass-phrase is safe".
>
> For the latter, I don't get it -- it's not like keeping the key secret takes
> a lot of effort -- but it does decrease your security ever so slightly.
> Besides proving a point, why would you publish?
>
> --
> Jerome Baum
>
> tel +49-1578-8434336
> email jerome at jeromebaum.com
> --
> PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
> PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
>

-- 
Sent from my mobile device

Anthony Papillion
Lead Developer / Owner
Get real about your software/web development and IT Services
(918) 919-4624

Facebook: http://www.facebook.com/cajuntechie
My Blog:   http://www.cajuntechie.com


