Enigmail speed geeking

Robert J. Hansen rjh at sixdemonbag.org
Fri Mar 13 15:08:46 CET 2015

> Of course not (I hope). You keep a backup of your key in a safe
> place. This goes for smartcard keys as well. The situation is the
> same whether you use a smartcard or not.

This is not true.  There are a lot of use cases where "there are no
backups of this smart-card key" are baked into the security model.
That's why we can create keys on the card directly: that way they never
need to exist outside of the card.

> Not having a backup of your encryption subkeys means a not very
> robust single point of failure, and if that hard disk crashes, or the
> file system is corrupted, or your smartcard dies, you suddenly lose
> access to all your encrypted files.

Yes, and in some security models that's preferable to having a backup
copy somewhere.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20150313/c2b5f2b9/attachment.sig>

More information about the Gnupg-users mailing list