Multiple email addresses - any alternative to ask everyone to sign all my keys?
martin.brochhaus at gmail.com
Wed Jul 24 02:29:26 CEST 2013
@Chris: That still leaves the problem of having to enter the passphrase for
the key on the untrusted machine, which might have a keylogger, doesn't it?
On Wed, Jul 24, 2013 at 6:24 AM, Christopher J. Walters <cwal989 at comcast.net
> On 7/23/2013 3:55 PM, Philipp Klaus Krause wrote:
>> Am 23.07.2013 21:04, schrieb Heinz Diehl:
>>> On 23.07.2013, Philipp Klaus Krause wrote:
>>> Of course it is annoying to have to ask everyone to sign three keys -
>>>> after all they are all my keys, and the people I ask to sign my key all
>>>> get to see the same passport. Is there a better alternative?
>>> Create/use one key, and add all the different addresses.
>>> I do not consider my university computer safe enough to trust it with
>>>> the private key for my private mail.
>>> In this case, why should anybody else trust in the integrity of your
>>> identity? If you don't trust this machine, revoke the key and don't do
>>> anything confidential on/with it.
>> That's not a practical solution. I want to be able to read encrypted
>> mail sent to my university addresses on that machine.
> While it is generally considered good policy to use any cryptographic
> software on a computer you do not trust, given your reason for wanting to
> use GnuPG on the untrusted university computer, I have a suggestion.
> Make a Live GnuPG USB thumb drive - make sure that you set the default
> path to be the USB drive, and not the HDD of the university computer. Thus
> all of your keys would be on the USB drive and none on the untrusted
> computer. If your private keys are already on the untrusted computer, then
> I can only suggest revoking them and creating new ones on a trusted
> computer - with the keyrings stored on the Live GnuPG USB drive.
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users