On 6/28/05, Rick Moen <[EMAIL PROTECTED]> wrote: > Mine is called a PalmPilot with Keyring (3DES password store) installed, > where I'm careful about what I install on it. It strikes me that threat > models are more easily isolated and dealth with on a PDA than on a > networked computer, especially a multiuser one.
I do the same thing with my passwords, but that doesn't quite answer the question. Radu wants a place to keep GPG keys safe - not just their passwords. It would be pretty cool to use a PDA as a trusted device - it would download a document from the PC, ask you to verify it, then sign it and send it back. It's even better than a smart card, because you can use the PDA's display to verify that you're signing what you think you're signing. I don't know of any program to do this, but it's certainly possible. -Ed
