| 1 |
On Tue, Sep 9, 2008 at 18:50, Matt Harrison |
| 2 |
<iwasinnamuknow@×××××××××.com> wrote: |
| 3 |
>> It looks like I've imported a pub/sec keypair now. Should I remove |
| 4 |
>> the public key for security? Maybe I misunderstood from the beginning |
| 5 |
>> and having both keys on the same system isn't a security issue? |
| 6 |
>> |
| 7 |
>> - Grant |
| 8 |
>> |
| 9 |
> |
| 10 |
> It is still a security issue, but only as much as any other data on your |
| 11 |
> machine. Physical access to the box, or being remotely hacked will |
| 12 |
> always be a security risk. |
| 13 |
> |
| 14 |
> And yes, if someone does break in and copy your pub/sec keypair, they |
| 15 |
> will have full ability to masquerade as you in signed and encrypted emails. |
| 16 |
> |
| 17 |
> You have to weigh it up for yourself really. Many, many keep pub/sec |
| 18 |
> keypairs for their email on more than one machine. Of course it would be |
| 19 |
> a lot of work for someone to compromise your system for your gpg keys, |
| 20 |
> so your email would have to be of value to them. |
| 21 |
|
| 22 |
It's always possible to generate a revocations certificate and store |
| 23 |
it in a safe place (CD, usb key etc.) |
| 24 |
|
| 25 |
http://www.gnupg.org/gph/en/manual/c14.html |
| 26 |
|
| 27 |
regards, |
| 28 |
|
| 29 |
Boris. |
| 30 |
> |
| 31 |
> Just my $0.02 |
| 32 |
> |
| 33 |
> Matt |
| 34 |
> |
| 35 |
> |
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
-- |
| 40 |
$ ruby -e'puts " .:@BFegiklnorst".unpack("x4ax7aaX6ax5aX15ax4aax6aaX7ax2 \ |
| 41 |
aX5aX8axaX3ax8aX4ax6aX3aX6ax3ax3aX9ax4ax2aX9axaX6ax3aX2ax4 \ |
| 42 |
ax3aX4aXaX12ax10aaX7a").join' |
Archives