what are the sub keys
Grant Olson
kgo at grant-olson.net
Tue Mar 22 23:47:49 CET 2011
On 03/22/2011 06:37 PM, Jerome Baum wrote:
>
> So, I move my key to a smart card to gain the illusion that it's more
> secure, while it practically isn't (at least not much more).
>
Why wouldn't it be more secure? Before my key was encrypted but
available on disk, and available unencrypted in system memory. Now it's
on a specialized smart-card, completely inaccessible to the OS.
History of my key.
1) Normal key for a few months.
2) Moved the primary key offline, only used subkeys on networked
computers, and did that for a few more months.
3) Moved the subkeys to a dedicated smart card.
Sure, I can't guarantee that the NSA or a Chinese Hacker didn't
compromise my keys a year ago, but I'm still much more secure now than I
was then.
--
-Grant
"Look around! Can you construct some sort of rudimentary lathe?"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 564 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110322/139d9f3a/attachment.pgp>
More information about the Gnupg-users
mailing list