On Thu, Nov 03, 2011 at 05:38:51PM +0100, Jakub Wilk wrote:
> This seems to suggest that having multiple copies of the PGP key
> somehow improves security. However, at least for some attack
> scenarios, it's quite the opposite.

I'm sorry if I was too terse. The point of a backup copy of your master key is to increase safety, not security: if your master key gets destroyed by an accident (broken hardware, house burns down, etc), the backup copy makes it unnecessary for you to go through the process of getting a new key signed by other DDs and accepted into the keyring by keyring-maint. That process can be quite time-consuming and even expensive, for those living in remote places.

> More copies means more things that could be stolen. And backups are
> often stored in distant locations, so it might be easier to swipe
> the copy without you noticing.

Indeed. That's why I added a note that the backup copy should be stored in a safe place, as one would store one's passport. Which, I find, is a reasonable minimal standard.

-- 
Freedom-based blog/wiki/web hosting: http://www.branchable.com/