Renewing expiring key - done correctly?

Robert J. Hansen rjh at sixdemonbag.org
Wed Dec 4 02:10:32 CET 2013


On 12/3/2013 7:49 PM, Hauke Laging wrote:
> Compromising the respective mainkey is more difficult by several
> orders of magnitude. You would have to compromise at least the boot
> medium (CD/DVD) or the hardware I use.

Why do you think it's hard to compromise your boot medium?  Your boot
medium isn't a CD or DVD: your boot medium is the UEFI firmware that
gives you the choice of where to boot from next.

UEFI is a surprisingly capable operating environment.  If I can
compromise your machine, then I put down my own code in the UEFI loader
and wait for you to reboot your machine.

> Of course. But these risk models are incompatible with the
> requirements of crypto usage in a business environment. They are even
> incompatible with a real Web of Trust.

Hauke, you don't get to define what other people's models are, or even
what they should be.  Neither do I, for that matter.  Those models are
incompatible with what *you perceive* to be the requirements of crypto
usage in a business environment, but I promise you there are people
using crypto in a business environment who perceive things much differently.






More information about the Gnupg-users mailing list