On 03/22/2011 06:37 PM, Jerome Baum wrote: > > So, I move my key to a smart card to gain the illusion that it's more > secure, while it practically isn't (at least not much more). >
Why wouldn't it be more secure? Before my key was encrypted but available on disk, and available unencrypted in system memory. Now it's on a specialized smart-card, completely inaccessible to the OS. History of my key. 1) Normal key for a few months. 2) Moved the primary key offline, only used subkeys on networked computers, and did that for a few more months. 3) Moved the subkeys to a dedicated smart card. Sure, I can't guarantee that the NSA or a Chinese Hacker didn't compromise my keys a year ago, but I'm still much more secure now than I was then. -- -Grant "Look around! Can you construct some sort of rudimentary lathe?"
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
