Quoting Edward Faulkner ([EMAIL PROTECTED]): > I do the same thing with my passwords, but that doesn't quite answer > the question. Radu wants a place to keep GPG keys safe - not just > their passwords.
Yes, good point. I don't have a good answer to Radu's situation other than don't use the passphrase other than on your own system at times when you have reasonable confidence of not being root-compromised -- and keep the revocation certificate around on offline media in case you're wrong. > It would be pretty cool to use a PDA as a trusted device - it would > download a document from the PC, ask you to verify it, then sign it > and send it back. I've pondered this possibility for a few years, ever since I lived at a building with a (Linux-based) Internet cafe. Such a crypto appliance would definitely be on my shopping list. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
