On Thu, Jan 05, 2006 at 12:21:00AM -0500, Atom Smasher wrote:
> has anyone given any thought to what would be the difference between
> carefully and carelessly making hard-copy backups of secret keys?
>
> i mean, it would be stupid to print a copy of one's secret key (with a weak
> passphrase) and leave it lying on a table next to a window. OTOH, a
> printed copy of a secret key (with a strong passphrase) would probably be
> "secure" in a 10 ton safe.
>
> so how strong should a passphrase be when printing out a secret key in the
> first place? what are the pros/cons of hiding versus securing a hard-copy?
> what other factors should be considered?
>
> bear in mind, these are philosophical questions with philosophical
> answers... i'm not looking for absolutes.

from my experience, all keys for long-term, _safe storage_ (and after
revocation) should be kept with no passphrases at all

human memory is very volatile and some day you're gonna need to decrypt an
old email encrypted with the key you revoked in 1993[1], and there is
no way you'll remember the old, long time not used, non-trivial passphrase

alex

[1] That's an actual thing that happened to me two weeks ago.

--
mors ab alto
0x46399138