Rotating encryption keys (was: problem signing with a smart card)
Lachlan Gunn
lachlan at twopif.net
Thu Jan 21 12:32:14 CET 2016
> Not that I'm aware of.
Ok, thanks, might make an interesting project then if I get some more free
time.
> Without any rigorous thought having yet gone into it, it seems they have
the same /effective/ properties.
The first reason is that you can't do it if the key only exists on a smart
card. The second is that you now have to do one decryption per message, so
if the key is on a smartcard then it becomes more time-consuming to
compromise the whole database, but this is kind of marginal, I admit.
You can safely put the database on Dropbox or something because it contains
the same information as in the encrypted messages, just with a different
recipient effectively.
Thanks,
Lachlan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160121/ff5c8624/attachment.html>
More information about the Gnupg-users
mailing list