what is killing PKI?
Landon Hurley
ljrhurley at gmail.com
Thu Aug 30 20:34:56 CEST 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I see. I wasn't thinking in terms of stolen password caches, just general financial record data or whatever other operation data maybe be backed up. Much clearer now.
Gratzie,
Landon
- -------- Original Message --------
From: "Mark H. Wood" <mwood at IUPUI.Edu>
Sent: Thu Aug 30 10:39:58 EDT 2012
To: gnupg-users at gnupg.org
Subject: Re: what is killing PKI?
On Thu, Aug 30, 2012 at 10:33:32AM -0400, Mark H. Wood wrote:
> On Wed, Aug 29, 2012 at 03:14:50PM -0400, Landon Hurley wrote:
> [snip]
> > I do have a question about where you talk about backups though. How
> > does PKI prevent back up loss?
>
> If I can prove that I possess my password without ever disclosing that
> password to my correspondent, he never has my password and can't have
> it lost or stolen. "Three can keep a secret, if two of them are
> dead."
>
> It doesn't prevent backup loss; it eliminates the cost to me should
> some vendor's backups go astray. No one can learn my secrets from
> people who never had them. I only have to disclose my public key,
> which is not secret, to my correspondents; my private key never leaves
> my equipment unless someone penetrates *my* system or steals *my*
> backups.
More to the point: my passphrase never leaves my equipment and isn't
recorded anywhere outside my brain. You can only get it by getting
inside my computer. That's not perfect but I like it a lot better
than the current setup.
- --
Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu
Asking whether markets are efficient is like asking whether people are smart.
_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
- --
Violence is the last refuge of incompetence.
-----BEGIN PGP SIGNATURE-----
Version: APG v1.0.8
iQJBBAEBCgArBQJQP7JPJBxMYW5kb24gSHVybGV5IDxsanJodXJsZXlAZ21haWwu
Y29tPgAKCRA3qYf9H1SVrG3aD/9KhBl5KuuSI+t/pIIY9x9SciHGEINgD56yoB7N
kPnbNSjjV6WAarht1nt4rUnR0noejyeLEzPpIQM5UxLae+M7vg/1BUB0wgSGp6YB
5z7XZ3GMjee3aMlKEbANVIEQDYhtY35M/zxrO+9fAsEeIBYOqV4DIncd4UzhUyZF
u1FIpc6wrqU0hd6cBq77umK38FSSLULh4lAvwiIyEcpNGN0YkdRxkkug1DpOXNd3
F05mEQEmlhTC7YKnuetFjisVIqS1shSArC8/g/5VkhSvLKm5K17qXi72buzIhgzY
huK0Wk82FQHz5WT/hsL79Ek8mNiTA5vH62QG1ZMaNfHJNveenQYinxVfnl/B4rh6
3yyLRlST5iT5t0BV4HvRm+0v/T/ZeLmLd7S109xwtC5X23LiyEr2PK6UBqRlewPM
eAvzM78aQ0z4Orp5/B5N7zXHpB8jSvVyQgYtKSxUIENmkn/WNyzZNGrRUYsMxLuy
eIWyxnhR47Mfm1WFHwoQrfwDqEldH/2HjFArdq9KtMec1mwD5maAhL6XN1Z5XBVM
758GuqeR+7WIUZUoCEAIV7BYsHMCs9betYU1y+euJMNk2D9F5JtzPBallWDmPbFb
m/5NBcW9rg2dneqKLA47m8YcMz17cCTXYLb95IPqXuZv6+sfnjLeg00HJp0v8/hI
J1Eotw==
=ijlC
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list