On Sun, Mar 17, 2002 at 12:51:50AM +0100, Jeroen Dekkers wrote: > On Sat, Mar 16, 2002 at 05:45:23PM -0500, Dave Baker wrote: > > So, what with this happening to two (three?) developers in pretty quick > > succession, I think we should add something to the NM process to ensure > > that all future developers *HAVE A REVOCATION KEY AVAILABLE*? It wouldn't > > be such a bad idea for everyone who's read this far to take the five > > minutes it requires to double-check that they have one themselves... > > What about making a backup of your secret key in a safe place? Where > safe means as safe of safer then your secret key on your > computer. > If you should forget your passphrase, a backup copy of the secret key doesn't help since you can't revoke it. If someone gains access to the copy of the secret key they can attempt to attack the passphrase and thus impersonate you. If someone gains access to your revocation key they can cause severe annoyance (by using it) but can't do much else with it. Dave -- - Dave Baker : dave@dsb3.com : dave@devbrain.com : http://dsb3.com/ - GnuPG: 1024D/D7BCA55D / 09CD D148 57DE 711E 6708 B772 0DD4 51D5 D7BC A55D
Attachment:
pgpF6tWHUYJia.pgp
Description: PGP signature