[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security guidelines for Debian people

On Thu, Nov 03, 2011 at 05:38:51PM +0100, Jakub Wilk wrote:
> This seems to suggest that having multiple copies of the PGP key
> somehow improves security. However, at least for some attack
> scenarios, it's quite the opposite.

I'm sorry if I was too terse. The point of a backup copy of your
master key is to increase safety, not security: if your master key
gets destroyed by an accident (broken hardware, house burns down,
etc), the backup copy makes it unnecessary for you to go through
the process of getting a new key signed by other DDs and accepted
into the keyring by keyringi-maint. That process can be quite
time-consuming and even expensive, for those living in remote

> More copies means more things that could be stolen. And backups are
> often stored in distant locations, so it might be easier to swipe
> the copy without you noticing.

Indeed. That's why I added a note that the backup copy should be
stored in a safe place, as one would store one's passport. Which,
I find, is a reasonable minimal standard.

Freedom-based blog/wiki/web hosting: http://www.branchable.com/

Attachment: signature.asc
Description: Digital signature

Reply to: