Re: handling private keys
Quoting Edward Faulkner (edfaulkner@gmail.com):
> I do the same thing with my passwords, but that doesn't quite answer
> the question. Radu wants a place to keep GPG keys safe - not just
> their passwords.
Yes, good point.
I don't have a good answer to Radu's situation other than don't use the
passphrase other than on your own system at times when you have
reasonable confidence of not being root-compromised -- and keep the
revocation certificate around on offline media in case you're wrong.
> It would be pretty cool to use a PDA as a trusted device - it would
> download a document from the PC, ask you to verify it, then sign it
> and send it back.
I've pondered this possibility for a few years, ever since I lived at a
building with a (Linux-based) Internet cafe. Such a crypto appliance
would definitely be on my shopping list.
Reply to: