Revocation certificates [was: time delay unlock private key.]

Robert J. Hansen rjh at
Fri Jan 24 00:08:40 CET 2014

> Yet, I agree I would not send my encrypted private key. But having  
> your divorced
> spouse bruteforce 90 bit of passphrase just to annoy you... seems quite an
> unreasonable threat to me.

It is.  That's why that's not the threat being defended against.

The threat is against your spouse seeing you enter your passphrase.   
It's very easy for roommates to discover each other's passwords and  
passphrases; sometimes it happens by accident.  Everyone knows not to  
enter a passphrase with a shoulder surfer around, but if you and your  
spouse are sitting on the couch with your laptops open and you receive  
an encrypted email, are you really going to tell her, "Sorry, honey, I  
have to take this into the other room so I can enter my passphrase  
without worrying about you spotting it"?

So long as there's marital bliss, you're perfectly safe.  You just  
can't rely on that lasting forever.

More information about the Gnupg-users mailing list