-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 I see. I wasn't thinking in terms of stolen password caches, just general financial record data or whatever other operation data maybe be backed up. Much clearer now.
Gratzie, Landon - -------- Original Message -------- From: "Mark H. Wood" <mw...@iupui.edu> Sent: Thu Aug 30 10:39:58 EDT 2012 To: gnupg-users@gnupg.org Subject: Re: what is killing PKI? On Thu, Aug 30, 2012 at 10:33:32AM -0400, Mark H. Wood wrote: > On Wed, Aug 29, 2012 at 03:14:50PM -0400, Landon Hurley wrote: > [snip] > > I do have a question about where you talk about backups though. How > > does PKI prevent back up loss? > > If I can prove that I possess my password without ever disclosing that > password to my correspondent, he never has my password and can't have > it lost or stolen. "Three can keep a secret, if two of them are > dead." > > It doesn't prevent backup loss; it eliminates the cost to me should > some vendor's backups go astray. No one can learn my secrets from > people who never had them. I only have to disclose my public key, > which is not secret, to my correspondents; my private key never leaves > my equipment unless someone penetrates *my* system or steals *my* > backups. More to the point: my passphrase never leaves my equipment and isn't recorded anywhere outside my brain. You can only get it by getting inside my computer. That's not perfect but I like it a lot better than the current setup. - -- Mark H. Wood, Lead System Programmer mw...@iupui.edu Asking whether markets are efficient is like asking whether people are smart. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users - -- Violence is the last refuge of incompetence. -----BEGIN PGP SIGNATURE----- Version: APG v1.0.8 iQJBBAEBCgArBQJQP7JPJBxMYW5kb24gSHVybGV5IDxsanJodXJsZXlAZ21haWwu Y29tPgAKCRA3qYf9H1SVrG3aD/9KhBl5KuuSI+t/pIIY9x9SciHGEINgD56yoB7N kPnbNSjjV6WAarht1nt4rUnR0noejyeLEzPpIQM5UxLae+M7vg/1BUB0wgSGp6YB 5z7XZ3GMjee3aMlKEbANVIEQDYhtY35M/zxrO+9fAsEeIBYOqV4DIncd4UzhUyZF u1FIpc6wrqU0hd6cBq77umK38FSSLULh4lAvwiIyEcpNGN0YkdRxkkug1DpOXNd3 F05mEQEmlhTC7YKnuetFjisVIqS1shSArC8/g/5VkhSvLKm5K17qXi72buzIhgzY huK0Wk82FQHz5WT/hsL79Ek8mNiTA5vH62QG1ZMaNfHJNveenQYinxVfnl/B4rh6 3yyLRlST5iT5t0BV4HvRm+0v/T/ZeLmLd7S109xwtC5X23LiyEr2PK6UBqRlewPM eAvzM78aQ0z4Orp5/B5N7zXHpB8jSvVyQgYtKSxUIENmkn/WNyzZNGrRUYsMxLuy eIWyxnhR47Mfm1WFHwoQrfwDqEldH/2HjFArdq9KtMec1mwD5maAhL6XN1Z5XBVM 758GuqeR+7WIUZUoCEAIV7BYsHMCs9betYU1y+euJMNk2D9F5JtzPBallWDmPbFb m/5NBcW9rg2dneqKLA47m8YcMz17cCTXYLb95IPqXuZv6+sfnjLeg00HJp0v8/hI J1Eotw== =ijlC -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users