Thank you for sharing this Francesco. Yes, having a secure, durable offline backup is important.
Coming from the Bitcoin space, we've already explored many options in an effort to allow users to easily back up private keys. I have to say the effort involved in your method seems unrealistic for most users:

> Considering a paperkey is less than 150 lines, that means it should take 50 sessions, or a little less than 2½ months to get it on paper. The whole effort costs 50×10m ≃ 8 hours of your time.

In Bitcoin, we can use the BIP39 standard to back up a nearly infinite number of keys (trees of derived keys) with just 12 simple English words. It even has a checksum! Only the first four letters of each word are even necessary, as those are always distinct, making input very quick and easy. GPG would benefit from something similar.

Only 1% of the 1% of users will put in the effort that you did, meaning that most users are not properly backing up their PGP keys and/or are trusting computer hardware/printers. I see there are efforts like the paperkey word list: https://github.com/vonshednob/paperkeywords

But ideally such a system should be standardized and built into gpg so that users can be sure they will be able to restore keys.

One can actually use the most popular Bitcoin hardware wallet as a PGP signing device. Since the device is backed up with a BIP39 "seed phrase", you can effectively say that it's a way to back up GPG keys with 12 or 24 words: https://support.ledger.com/hc/en-us/articles/115005200649-OpenPGP?docs=true

The fact that it has a screen and you can input the words directly into the signing device means that you don't need an air-gapped computer as well. That might be a good option for some people.

Jonathan
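As an added illustration of the BIP39 mechanics mentioned in the post (this is example code, not from the post, GnuPG or any wallet project): 128 bits of entropy plus a 4-bit SHA-256 checksum are split into twelve 11-bit word indices, and the checksum lets a restore detect a mis-entered word. The 2048-word list itself is not embedded, so the functions work on word indices rather than words.

```python
import hashlib
import secrets

WORDLIST_SIZE = 2048  # size of the BIP39 English word list (list not embedded here)


def entropy_to_indices(entropy: bytes) -> list[int]:
    """BIP39 encoding step: entropy || checksum -> list of 11-bit word indices."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 128..256 bits in 32-bit steps")
    cs_bits = ent_bits // 32                      # 4 checksum bits for 128-bit entropy
    digest = hashlib.sha256(entropy).digest()
    checksum = digest[0] >> (8 - cs_bits)         # first cs_bits bits of SHA-256
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = ent_bits + cs_bits                    # 132 bits -> 12 words, 264 -> 24
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]


def indices_to_entropy(indices: list[int]) -> bytes:
    """Restore step: recombine the indices, split off the checksum and verify it.

    Raises ValueError if any index is out of range or the checksum does not match,
    which is how a mistyped word is caught before a wrong key is derived.
    """
    total = len(indices) * 11
    if total % 33 != 0:
        raise ValueError("mnemonic length must be 12, 15, 18, 21 or 24 words")
    cs_bits = total // 33
    ent_bits = total - cs_bits
    bits = 0
    for idx in indices:
        if not 0 <= idx < WORDLIST_SIZE:
            raise ValueError(f"word index {idx} out of range")
        bits = (bits << 11) | idx
    entropy = (bits >> cs_bits).to_bytes(ent_bits // 8, "big")
    checksum = bits & ((1 << cs_bits) - 1)
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    if checksum != expected:
        raise ValueError("BIP39 checksum mismatch: a word was probably mis-entered")
    return entropy


if __name__ == "__main__":
    # Round-trip freshly generated 128-bit entropy through the 12-index form.
    ent = secrets.token_bytes(16)
    idx = entropy_to_indices(ent)
    assert indices_to_entropy(idx) == ent
    print("12 word indices:", idx)
```

The published BIP39 test vector of sixteen zero bytes maps to eleven times "abandon" (index 0) followed by "about" (index 3), which the checksum step reproduces.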
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users