* Lars Wirzenius <[email protected]>, 2011-10-30, 17:33:
>> Personally, I think some guidelines for DD's about securing their
>> personal machines where their private keys are located would be a good
>> idea. It would be a lot better than just having a vague and ineffable
>> thing called "trust".
>
> I agree. I offer the following as a first approximation, targeted
> specifically for key management.
>
> * These are meant to provide an idea of the minimal acceptable standard.
> * Store your master PGP keys on at least two USB thumb drives.

This seems to suggest that having multiple copies of the PGP key somehow
improves security. However, at least for some attack scenarios, it's
quite the opposite.
More copies means more things that could be stolen. And backups are
often stored in distant locations, so it might be easier to swipe the
copy without you noticing.
--
Jakub Wilk