Slightly OT - mobile OpenPGP usage
stefanclaas at riseup.net
Wed Aug 28 11:07:30 CEST 2019
On 2019-08-28 00:44, Chris Narkiewicz via Gnupg-users wrote:
> On 27/08/2019 20:50, Stefan Claas via Gnupg-users wrote:
>> But what would be, when using computers at work or public places, then
>> the best strategy for using OpenPGP, without carrying a Notebook or
> The strategy I advice would be to not use GnuPG and look for alternatives.
Well, not GnuPG but I thought more about other OpenPGP apps, because
the OpenPGP protocol besides S/MIME is still widely used.
> I wouldn't look for some golden practice because I believe there
> is none. Bluntly speaking, GnuPG is not fit for purpose of
> securing everyday communication and shall not be advertised
> as such.
> Generally your keys should never leave secure environment. Secure
> environment can be either dedicated machine that you control
> or (better) SmartCard/HSM.
Here is an idea ... I recently read about Prof. Kaminsky's Enigma2000
which is a JavaScrpit encryption app running on an offline Raspberry Pi
with a touchscreen.
one could attach an USB stick to store an amored message, unplug and set
the write protect switch and insert the USB stick to a public computer.
would have a secure OpenPGP messaging device, not requiring an expensive
smartphone nor a laptop to carry around.
It could be done as a kickstarter project (Raspi+Touchscreen as one
Well, just a thought and hopefully a talented coder and hardware
tinkerer could make this happen.
certified OpenPGP key blocks available on keybase.io/stefan_claas
More information about the Gnupg-users