what is killing PKI?
Mark H. Wood
mwood at IUPUI.Edu
Thu Aug 30 16:39:58 CEST 2012
On Thu, Aug 30, 2012 at 10:33:32AM -0400, Mark H. Wood wrote:
> On Wed, Aug 29, 2012 at 03:14:50PM -0400, Landon Hurley wrote:
> [snip]
> > I do have a question about where you talk about backups though. How
> > does PKI prevent back up loss?
>
> If I can prove that I possess my password without ever disclosing that
> password to my correspondent, he never has my password and can't have
> it lost or stolen. "Three can keep a secret, if two of them are
> dead."
>
> It doesn't prevent backup loss; it eliminates the cost to me should
> some vendor's backups go astray. No one can learn my secrets from
> people who never had them. I only have to disclose my public key,
> which is not secret, to my correspondents; my private key never leaves
> my equipment unless someone penetrates *my* system or steals *my*
> backups.
More to the point: my passphrase never leaves my equipment and isn't
recorded anywhere outside my brain. You can only get it by getting
inside my computer. That's not perfect but I like it a lot better
than the current setup.
--
Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu
Asking whether markets are efficient is like asking whether people are smart.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: </pipermail/attachments/20120830/5016ea36/attachment.pgp>
More information about the Gnupg-users
mailing list