On Thu, 03 Nov 2011, Jakub Wilk wrote:
> * Lars Wirzenius <l...@liw.fi>, 2011-10-30, 17:33:
> >>Personally, I think some guidelines for DD's about securing
> >>their personal machines where their private keys are located
> >>would be a good idea. It would be a lot better than just having
> >>a vague and ineffable thing called "trust".
> >
> >I agree. I offer the following as a first approximation, targeted
> >specifically for key management.
> >
> >* These are meant to provide an idea of the minimal acceptable standard.
> >* Store your master PGP keys on at least two USB thumb drives.
>
> This seems to suggest that having multiple copies of the PGP key

Multiple *offline* copies, in an encrypted container.

> somehow improves security. However, at least for some attack
> scenarios, it's quite the opposite.

The problem is that those offline copies are the only full copies that are supposed to exist, as you're not supposed to have any online copies of the master key, just copies of the subkeys.

You can get away with just one offline copy, but it had better not be on normal media, or you could lose it entirely.

You can simply store both offline copies at the same site if you want to manage key exposure risk, as that increases the risk of key exposure by a very small margin (two encrypted containers might or might not make it easier to break, depending on what exactly you did), and decreases the risk of the key becoming irretrievable due to device malfunction a great deal.

One thing we have not talked about is that of subkey validity. It is not that kosher to have anything signed in stable with a subkey which will not be valid for the lifetime of stable, so we should keep that in mind.

> More copies means more things that could be stolen. And backups are
> often stored in distant locations, so it might be easier to swipe
> the copy without you noticing.

That is a real concern, yes.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot

  Henrique Holschuh

Archive: http://lists.debian.org/20111103174436.ga3...@khazad-dum.debian.net
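As an added example (not part of this thread, and not Henrique's or Debian's code), a check for the subkey-validity point raised above: given the colon-separated output of `gpg --list-keys --with-colons`, it reports signing-capable subkeys whose expiry falls before a given date, such as the expected end of a stable release's lifetime. The key IDs, dates and user ID in the sample listing are constructed.

```python
from datetime import date, datetime, timezone

# Constructed sample of `gpg --list-keys --with-colons --fixed-list-mode`
# output. Key IDs, timestamps and the user ID are made up for this example.
# In practice, feed the function the real output of that command for your key.
SAMPLE_LISTING = """\
pub:u:4096:1:0123456789ABCDEF:1262304000:::u:::scESC::::::::
uid:u::::1262304000::DEADBEEFDEADBEEFDEADBEEFDEADBEEF::Example DD <dd@example.org>::::::::::0:
sub:u:4096:1:FEDCBA9876543210:1317340800:1348963200:::::s::::::::
sub:u:4096:1:0011223344556677:1317340800:1411171200:::::e::::::::
sub:u:4096:1:8899AABBCCDDEEFF:1317340800::::::s::::::::
"""


def _parse_expiry(raw):
    """Field 7 of a key record: empty means 'never expires'."""
    if not raw:
        return None
    if raw.isdigit():  # epoch seconds, as printed with --fixed-list-mode
        return datetime.fromtimestamp(int(raw), tz=timezone.utc).date()
    return date.fromisoformat(raw)  # older GnuPG printed YYYY-MM-DD here


def parse_subkeys(listing):
    """Return (keyid, capabilities, expiry) for every 'sub' record.

    Colon-format fields (1-based): 1 record type, 5 key ID, 6 creation,
    7 expiration, 12 capabilities ('s' = signing, 'e' = encryption, ...).
    """
    subkeys = []
    for line in listing.splitlines():
        fields = line.split(":")
        if fields[0] != "sub" or len(fields) < 12:
            continue
        subkeys.append((fields[4], fields[11], _parse_expiry(fields[6])))
    return subkeys


def signing_subkeys_expiring_before(listing, deadline_iso):
    """Signing subkeys whose validity ends before deadline_iso (YYYY-MM-DD).

    A subkey with no expiry never trips the check; one that expires before
    the deadline is exactly the case the thread warns about for stable.
    """
    deadline = date.fromisoformat(deadline_iso)
    return [
        (keyid, expiry.isoformat())
        for keyid, caps, expiry in parse_subkeys(listing)
        if "s" in caps and expiry is not None and expiry < deadline
    ]
```

Running `signing_subkeys_expiring_before(SAMPLE_LISTING, "2013-05-04")` on the sample flags only the first subkey: the second is encryption-only and the third never expires.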