Am 25.07.2017 um 20:34 schrieb Robert J. Hansen:
>> I would think you could transfer the private key file to the moblle
>> device by bluetooth, or by using a USB cable, or by email. So long as
>> the private key is protected by a decent passphrase, anybody else
>> getting a copy of the file should be of no consequence.
> This is correct.
>
> I've often volunteered to publish my private key in the _New York
> Times_, if someone will just pay for the listing.  With a strong
> passphrase, private keys are pretty darn safe against casual snooping.

I still would not recommend that to non-technical people. While the
users on this list probably know what a 'decent' passphrase is, most
normal users don't. They tend to choose passwords which are too short,
contain dictionary words - or they are written down right under the
keyboard... Having a second line of defense, i.e. keeping the private
key secure, is usually a good idea. That's the whole point of the
OpenPGP smartcard, after all.

Andreas

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to