Am 25.07.2017 um 20:34 schrieb Robert J. Hansen: >> I would think you could transfer the private key file to the moblle >> device by bluetooth, or by using a USB cable, or by email. So long as >> the private key is protected by a decent passphrase, anybody else >> getting a copy of the file should be of no consequence. > This is correct. > > I've often volunteered to publish my private key in the _New York > Times_, if someone will just pay for the listing. With a strong > passphrase, private keys are pretty darn safe against casual snooping.
I still would not recommend that to non-technical people. While the users on this list probably know what a 'decent' passphrase is, most normal users don't. They tend to choose passwords which are too short, contain dictionary words - or they are written down right under the keyboard... Having a second line of defense, i.e. keeping the private key secure, is usually a good idea. That's the whole point of the OpenPGP smartcard, after all. Andreas
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
