On 5/25/2013 10:54 AM, NdK wrote: > Using a card only to store a key generated on a PC is, IMVHO, plain > nonsense -- and that's why I'm working on MyPGPid: I want to generate my > keys on-card, backup 'em ONLY to other cards, and use a single card (per > identity) while being able to read all my old messages, even if I change > my DEC key once a year (in a test scenario I could store 40 keys on a > 72k card, still have to test how many on a 144k one).
I'd also like the ability to transfer keys between cards, much like one can transfer x.509 keys between HSMs. That said, I don't really see using a PC-generated key on a card as nonsensical. I do just that: I generated the key using a freshly-installed Linux distribution on an offline PC with an added hardware RNG for extra entropy. I burned a backup of the private key to a few CD-Rs (one for an offsite, secure location like a safe deposit box, the other kept locally in case of card failure), printed out a paper backup, transferred the key to the card, and replaced the private key on the PC with the stub pointing at the card. I understand the "one person, one key, one card" position, but my usage scenario is mainly "avoid the possibility where a remote attacker could gain access to my private key" (e.g. with malware, keyloggers, etc.). If someone has physically broken into my house or safe deposit box to get my offline backups, I'll (a) know about it and (b) have bigger problems. To answer Zece's original question as to why I use OpenPGP keys, I use OpenPGP (specifically GnuPG) to send potentially sensitive information over the internet. In my particular case, I'm an American living in Switzerland for grad school and some family members living back in the US act as my proxy for certain things that need to be taken care of back in the US like taxes. We use GnuPG to send this information back and forth as needed. Having it leak wouldn't be catastrophic, but I'd prefer to keep it private if possible. Additionally, the use of signatures is useful when corresponding with people over the internet. I place a strong amount of confidence that keys I've personally certified belong the to the person I met, but untrusted signatures are still useful to me as they can be used to show consistency over time. For example, I've never met Werner Koch in person, haven't signed his key, or have any idea if he is, in fact, named Werner Koch in real life...but he's been going by that identity for years and using the same key for signatures that whole time (as far as I can remember). Even though I can't confidently map his key to a real-life identity, I can be reasonably confident that the person posting as him today is the same person who was posting as him a few years ago as the key used to make the signatures is the same. As always, your mileage may vary, but those are some of the main reasons I use OpenPGP. Cheers! -Pete _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
