Adam Funk wrote: > On 2007-02-19, John Clizbe wrote: > >> The passphrase is only one protection on your keypair and it's >> pretty much the protection of last resort - given an easily >> guessable/brute-forced passphrase, it's "Game-Over." if an attacker >> gets access to the keyring files. Another protection is to >> physically secure your keyring files (or at the minimum, the secret >> ring) by storing it on removable media of some sort: > > Is there any reason to physically secure your *public* keyring in > normal use?
Convenience of having all the files together in one place and mitigating the need to sync keys between public keyrings are only reasons that come to mind. Outside of convenience factors, there is no real need to secure public keyrings; that's why the keys are public. -- John P. Clizbe Inet: John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A "what's the key to success?" / "two words: good decisions." "what's the key to good decisions?" / "one word: experience." "how do i get experience?" / "two words: bad decisions." "Just how do the residents of Haiku, Hawai'i hold conversations?"
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
