At Thu, 1 Jun 2006 10:02:48 +0200, Bas Wijnen <[EMAIL PROTECTED]> wrote: > > [1 <multipart/signed (7bit)>] > [1.1 <text/plain; us-ascii (quoted-printable)>] > On Thu, Jun 01, 2006 at 02:58:17AM +0200, Pierre THIERRY wrote: > > Scribit Bas Wijnen dies 01/06/2006 hora 00:49: > > > (Intentional side-effect is that storage which is given to some other > > > user cannot be checked for opaqueness. This can be "fixed", but I'd > > > rather not do that if possible.) > > > > Then just don't bother to implement opaque storage and let users take > > care of it on a social basis. Unverifiable opaque storage is of no use, > > or I didn't understand it's purpose. > > In case of encryption keys, the idea is that even the user doesn't need access > to the private part (except through a well-defined interface which doesn't > expose the private keys themselves, that is signing and decrypting), and that > must not be exposed to the world, not even by accident.
For that reason I have some of my encryption keys on a smart card, on which they were generated (the OpenPGP smart card). Smart cards give me the advantages of opaque storage that I care about, while reducing the risks that I see in it to a bare minimum. In fact, if I were not so lazy, I probably would have generated the key on an off-line computer, and then uploaded it to the card while storing a print-out of the secret key in a secure place. That would be even better, but my needs are rather modest so I didn't. Thanks, Marcus _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
