Slightly OT - mobile OpenPGP usage

Stefan Claas stefanclaas at
Wed Aug 28 11:07:30 CEST 2019

On 2019-08-28 00:44, Chris Narkiewicz via Gnupg-users wrote:
> On 27/08/2019 20:50, Stefan Claas via Gnupg-users wrote:
>> But what would be, when using computers at work or public places, then
>> the best strategy for using OpenPGP, without carrying a Notebook or
>> smartphone?
> The strategy I advice would be to not use GnuPG and look for alternatives.

Well, not GnuPG but I thought more about other OpenPGP apps, because
the OpenPGP protocol besides S/MIME is still widely used.

> I wouldn't look for some golden practice because I believe there
> is none. Bluntly speaking, GnuPG is not fit for purpose of
> securing everyday communication and shall not be advertised
> as such.
> Generally your keys should never leave secure environment. Secure
> environment can be either dedicated machine that you control
> or (better) SmartCard/HSM.

Here is an idea ... I recently read about Prof. Kaminsky's Enigma2000
which is a JavaScrpit encryption app running on an offline Raspberry Pi
with a touchscreen.

If someone would write a JavaScript OpenPGP app which works like
one could attach an USB stick to store an amored message, unplug and set
the write protect switch and insert the USB stick to a public computer.
would have a secure OpenPGP messaging device, not requiring an expensive
smartphone nor a laptop to carry around.

It could be done as a kickstarter project (Raspi+Touchscreen as one
device + JavaScript code.

Well, just a thought and hopefully a talented coder and hardware
tinkerer could make this happen.


box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
  certified OpenPGP key blocks available on

More information about the Gnupg-users mailing list