Hi Daniel,

On Mon, 16 Apr 2018, Daniel Kahn Gillmor wrote:
> what do you see as the advantage of a hardware token for message
> decryption given that the key will be transferred to main memory after

I don't see/use it as message decryption device. In about 20 years of
gpg usage, I have received maybe 10 encrypted messages. For my the prime
usage scenarios are:
* signing as verification (uploads to Debian, git tags, ..)
* using gpg key as ssh key
In all these cases expired keys cannot be used anymore, thus also not
abused. If someone has access to my computer and can decrypt one of the
10 messages, I really think I have a bigger problem than these 10 msgs.


PREINING Norbert                               http://www.preining.info
Accelia Inc.     +    JAIST     +    TeX Live     +    Debian Developer
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Reply via email to