> I do not really know what I need vs what I think I need. Completely non-snarky: this is an important realization to make and we're happy to help with this. Getting this answered will go a long way towards answering your "should I get a smartcard?" question.
> In my uneducated state, I think I want to be as secure as possible Again, completely non-snarky: this is the most common newbie mistake there is. The name of the game is not risk minimization -- it's risk *management*. > What I've read seems to hint that a smart card is a good way to > limit some of the potential exposure of having keys laying around. They can be. They can also be right royal pains in the ass, too. I have a kernelconcepts card and use it to store my secret key, since my laptop is a theft target. Whenever I receive an encrypted email I have to rummage in my laptop bag for my card reader, find it, plug it in, get my wallet, rifle through it for the card, plug it into the reader, discover gpg-agent got wedged, kill gpg-agent, try to decrypt the message, enter my PIN, and finally get my message. It's annoying as hell. OTOH, I deal with some high-value secrets. If I was dealing with lower-value secrets I probably wouldn't bother. > protect my files on disk (GPG's symmetric encryption works for this > quite easily and well) I used to work in computer forensics. GnuPG's symmetric encryption is probably not working as well for you as you think, since it doesn't remove traces of plaintext from the hard drive. (In its defense, it really can't.) Use an encrypted file system instead. > I get it. Thanks... if I could only figure out how to ask the right > question :). As in most of life, this is the big trick. :) _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
