On 4/15/2013 1:24 AM, Ashley Holman wrote: > I also have a followup question. Is it acceptable practice to make a > paper backup of your private key by exporting it in ascii armored mode > and printing it onto some paper? (with a passphrase applied of course).
Let me apologize in advance for being pedantic. I understand the question that I think you meant to ask, but that's not quite the same as the question you asked. :) Whether it is acceptable practice depends largely on your local security policy. I can imagine some installations would disallow this, on the grounds that backups are the sole responsibility of system administration staff. Whether it is sensible practice, though, is a different question altogether. Without commenting on whether it's acceptable for your particular situation, I can say pretty confidently that a paper hardcopy of your private certificate is sensible. Print it out in a monospace font with the largest point size you can without causing the lines to wrap. (If you're wondering why, OCR works best with monospace fonts, and the larger the better.) > Has anyone ever had to recover from a paper backup - and if so > do you painstakingly type it to your computer, or use some kind of OCR > or perhaps QR codes to encode it? Although I haven't had to recover from a paper backup, I have tested it a few times using OCR software. Works fine. David Shaw also wrote a tool called 'paperkey' which yanks the unnecessary bits from a private certificate, leaving behind a much smaller thing more suitable for printing. It might be worth looking into. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
