[OT] Why are you using the GPG / PGP keys?

Johan Wevers johanw at vulcan.xs4all.nl
Wed May 29 20:11:26 CEST 2013


On 29-05-2013 19:43, Pete Stephenson wrote:

> That's odd. What phone do you have?

Nokia E72. One of their last Symbian models.

> Their free keys are only valid for one year, but paid users can get keys
> that are valid for two years. That's not uncommon for many CAs.

But hardly much better. My current key is valid for 50 years so I don't
really have to worry about expiring (I'm not sure if I won't expire
first before those 50 years are over...). Revoking and replacing it is
always an option when the domain name changes, technology requires an
update or the key gets compromised.

> They're based in Israel, not the US.

Wether that's better, worse or just the same is another question. But
they do have US offices (they list one in New York) so they're subject
to the Patriot Act. There is a reason that some cloud services in Europe
broadly advertise with the fact thay they keep absolutely no
relationship with the US.

> Additionally, it's an option to have them generate the private key for
> customers who are too lazy to generate their own private key and CSR,
> but it is not required: the certificate-creation procedure also allows
> for customers to provide them with a CSR produced from a
> customer-generated private key.

OK, I could not find that after a brief look, they did wrote about
sending a private key with password protection over the mail.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




More information about the Gnupg-users mailing list