Re: Security guidelines for Debian people

To: debian-project@lists.debian.org
Subject: Re: Security guidelines for Debian people
From: Jakub Wilk <jwilk@debian.org>
Date: Thu, 3 Nov 2011 17:38:51 +0100
Message-id: <[🔎] 20111103163851.GA7752@jwilk.net>
Mail-followup-to: debian-project@lists.debian.org
In-reply-to: <20111030173346.GA14860@havelock.liw.fi>
References: <20111030173346.GA14860@havelock.liw.fi>

* Lars Wirzenius <liw@liw.fi>, 2011-10-30, 17:33:

Personally, I think some guidelines for DD's about securing theirpersonal machines where their private keys are located would be a goodidea. It would be a lot better than just having a vague and ineffablething called "trust".
I agree. I offer the following as a first approximation, targetedspecifically for key management.
* These are meant to provide an idea of the minimal acceptable standard.
* Store your master PGP keys on at least two USB thumb drives.

This seems to suggest that having multiple copies of the PGP key somehowimproves security. However, at least for some attack scenarios, it'squite the opposite.

More copies means more things that could be stolen. And backups areoften stored in distant locations, so it might be easier to swipe thecopy without you noticing.


--
Jakub Wilk

Reply to:

Follow-Ups:
- Re: Security guidelines for Debian people
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: Security guidelines for Debian people
  - From: Lars Wirzenius <liw@liw.fi>

Prev by Date: Re: trademark licenses and DFSG
Next by Date: Re: Security guidelines for Debian people
Previous by thread: Re: trademark licenses and DFSG
Next by thread: Re: Security guidelines for Debian people
Index(es):
- Date
- Thread