On 17/01/16 21:00, Doug Barton wrote:
> You glossed over the points in my previous messages about the fact
> that we cannot know for sure if the person sending the message is
> actually who we think it is [...]

Well, to me it sounded like you said "Signature subkeys aren't enough by themselves, so they don't matter". Whereas they are a necessary part of the puzzle.

> But this thread started trying to refute my assertion that keeping
> certification keys air-gapped is pointlessly complicated. I haven't
> seen a refutation of that premise yet. :)

The only good argument (IMO) I can think of is: ease of replacement.

If you have an online primary key, and your computer is hacked, you have to revoke the whole key, since the attacker got the private material. This means you need to meet up with at least some of your contacts again to exchange fingerprints. You can't do a key transition, because so could your attacker; if you know your private material is out there, you need to discard the key wholly.

Now, if you have an offline main key, on an air-gapped system, that makes it a lot more difficult to attack. When your online, Internet-connected system gets hacked, you have a big problem. All your encrypted stuff the attacker can get is readable to them, and as long as you don't know yet, they can issue your signatures. But when you discover it, you can reinstall or throw out the hacked hardware, issue new subkeys and be done with it. Since your primary key was still safe, your correspondents know it's still you.

And luckily, your certification key is also the one you use least of all. Issuing new subkeys and certifying other people's keys; the most rare of occurrences, I think.

But as I wrote, this is what I can think of. I'm inclined to think there are other reasons why an offline primary key can give a significant advantage over an online one. I just haven't thought of them. Similarly, I'm not convinced there aren't good reasons why a smartcard for SSH authentication is indeed an advantage over on-disk keys.

So your characterization:

On 17/01/16 04:32, Doug Barton wrote:
> Sorry, all that does is replace something that already existed, works
> well, and is widely supported; with something more complex, often
> buggy, and not widely supported. That's not a use case, that's a
> solution looking for a problem.

is going too far for me, but obviously you're free to be of a different opinion :).

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
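
Added example (not part of the message above and not GnuPG's own code): a check that an online machine really holds only subkey secrets, which is the precondition for the "issue new subkeys and be done with it" recovery described in the message. It parses `gpg --list-secret-keys --with-colons` output, where field 15 of a `sec`/`ssb` record is `#` when only a stub is present; the sample listing and key IDs are constructed.

```python
from dataclasses import dataclass

# Constructed `gpg --list-secret-keys --with-colons` output (key IDs are made up).
SAMPLE = """\
sec:u:4096:1:AAAAAAAAAAAAAAAA:1452988800:::u:::cSE:::#:
uid:u::::1452988800::::Example User <user@example.org>:
ssb:r:4096:1:BBBBBBBBBBBBBBBB:1452988800::::::s:::+:
ssb:u:4096:1:CCCCCCCCCCCCCCCC:1453075200::::::s:::+:
ssb:u:4096:1:DDDDDDDDDDDDDDDD:1452988800::::::e:::+:
"""

@dataclass
class SecretRecord:
    kind: str      # "sec" = primary key, "ssb" = subkey
    keyid: str     # field 5
    validity: str  # field 2: "r" revoked, "e" expired
    caps: str      # field 12: c=certify, s=sign, e=encrypt, a=authenticate
    token: str     # field 15: "#" stub only, "+" secret available, else card S/N

def parse(listing):
    records = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] not in ("sec", "ssb"):
            continue
        f += [""] * (15 - len(f))  # tolerate short records
        records.append(SecretRecord(f[0], f[4], f[1], f[11], f[14]))
    return records

def audit(listing):
    """Summarise which secret keys are usable from this host."""
    recs = parse(listing)
    primaries = [r for r in recs if r.kind == "sec"]
    subkeys = [r for r in recs if r.kind == "ssb"]
    return {
        # Only a "#" stub means the certification key's secret is absent here.
        "primary_offline": bool(primaries) and all(r.token == "#" for r in primaries),
        # Valid subkeys usable from this host: the ones to revoke after a compromise.
        "exposed_subkeys": [r.keyid for r in subkeys
                            if r.token != "#" and r.validity not in ("r", "e")],
        "retired_subkeys": [r.keyid for r in subkeys if r.validity in ("r", "e")],
    }

if __name__ == "__main__":
    print(audit(SAMPLE))
```

If `primary_offline` is false, a compromise of this host falls into the first case in the message: the whole key has to be revoked, not just the subkeys.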