Why trust gpg4win?

Pete Stephenson pete at heypete.com
Sun Aug 25 14:23:20 CEST 2013


On Sun, Aug 25, 2013 at 10:49 AM, Laurent Jumet <laurent.jumet at skynet.be> wrote:
>
> Hello Pete !
>
> Pete Stephenson <pete at heypete.com> wrote:
>
>> The easiest and least-expensive solution to this situation is using
>> smartcards: http://g10code.com/p-card.html -- the private key is kept
>> securely on the smartcard. Any private-key operations (i.e. signing or
>> decrypting) are handled on-card and the private key is not accessible
>> to the computer. You could, of course, generate the key on an offline
>> computer and then transfer it to the smartcard and keep an offline
>> backup (that's what I do) rather than having the key generated
>> entirely on-card with no backup (which is an option).
>
>     This is only relevant (I mean existent backup) for keys that are used as a tool:
> you need a screwdriver for that caregory of screws.
>     But if smartcard identifys *you*, backup means that there is a second Pete
> Stephenson on the Earth, that can sign, certify and so on. Forensic issues can be hard
> to break...

Hi Laurent,

Yes, that's true. In my case, I use smartcards to prevent my private
keys from being compromised during my normal, day-to-day use of my
online computer.

In my case, the private keys were generated offline and then
transferred to the card and to offline backups. If someone is going to
physically break into my apartment to compromise my private keys then
I have some pretty major problems. In such a situation, I could easily
revoke the keys. Personally, I'm more concerned about the smartcard
breaking in some way over the years and thus leaving me unable to
decrypt or sign messages, so I prefer to have backups. Your mileage
may vary. :)

If you or your organization have a requirement that there be a strict
one-key-per-person policy with no backups, then you can of course
generate the keys on the card.

Cheers!
-Pete



More information about the Gnupg-users mailing list