Backing up your PGP key by hand
Francesco Ariis
fa-ml at ariis.it
Tue May 3 21:08:22 CEST 2022
Hello Jonathan,
Il 02 maggio 2022 alle 13:26 Jonathan Cross via Gnupg-users ha scritto:
> Thank you for sharing this Francesco.
>
> Yes, having a secure, durable offline backup is important.
>
> Coming from the Bitcoin space, we've already explored many options in an
> effort to allow users easily to back up private keys.
>
> I have to say the effort involved in your method seems unrealistic for most
> users:
>
> [...]
thanks for you feedback message!
As you probably expect, I agree with (almost) everything you say. My
experiment was to document something which — as far as I know — was not
documented until now (although probably done numerous times) and a way
to spur a discussion on the topic of “backing up keys when you cannot
trust or do not have access to some devices”.
The pain points are manifold: some might be mitigated (as Ingo Klöcker
suggested, ed25519 keys are shorter, progressively moving to them would
do a lot); some would need some reworking (or reimagining) of the tools
we use today to sign out documents and encrypt out archives (as much as
`paperkey` is convenient, a “native” solution will always be more
reliable, user-friendly, future-proof).
> But ideally such a system should be standardized and built into gpg so that
> users can be sure they will be able to restore keys.
This would be amazing and hopefully one day a standardised approach will
come to light for PGP too. Happy encrypting everyone
—F
More information about the Gnupg-users
mailing list