Rotating encryption keys (was: problem signing with a smart card)

Lachlan Gunn lachlan at
Thu Jan 21 12:32:14 CET 2016

> Not that I'm aware of.

Ok, thanks, might make an interesting project then if I get some more free

> Without any rigorous thought having yet gone into it, it seems they have
the same /effective/ properties.

The first reason is that you can't do it if the key only exists on a smart
card.  The second is that you now have to do one decryption per message, so
if the key is on a smartcard then it becomes more time-consuming to
compromise the whole database, but this is kind of marginal, I admit.

You can safely put the database on Dropbox or something because it contains
the same information as in the encrypted messages, just with a different
recipient effectively.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160121/ff5c8624/attachment.html>

More information about the Gnupg-users mailing list