flapflap at riseup.net
Mon Jul 28 23:04:52 CEST 2014
pedro.markov at ml1.net:
>> When would this be useful? The public key is public, and anyone with
>> it could decode the message. To secure a message such that only the
>> desired recipient can read it, you should encrypt a message to the
>> recipient's public key so that only their private key can decrypt it.
>> Simply put, I don't understand a situation where using your system
>> would be an improvement over the current system, but perhaps I
>> misunderstand sometihng.
> Using this method there is no "password required", it is only need to
> know how to rebuild the public key. So you can safely store
> a "damaged public key" on your computer/web server/ whatever and if
> some one steal it he won't be able to get your information.
> I find this very attractive, because i could damage the key and still
> remember how to fix it many years after, But it is by sure that
> i wont remember an unic password 5 or 10 years after. ( maybe other
> people can )
This does not make sense to me.
You want to protect the information your public key reveals from an
attacker with access to your machine. This sounds like you manually
want to, for example, fill the field for "email" with "XXXXXXXX" and
only you know that the key is valid when you write "email at example.com"
in it. (have I understood it correctly so far?)
Why would you create a key with "email at example.com" as "email" in the
first place when you actually don't want "email at example.com" to be in
Why not just create a key saying "" or "XXXXX" for "email" instead?
More information about the Gnupg-users