-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hi Stefan,

> For signatures it is maybe not so important, but what if you get an 
> important, encrypted, email? Then you will be unable to read it on your 
> phone unless the sender also encrypted it with your phone key.

Sure. On the other hand, the private key isn't safe on a mobile device.
First, it's lost easily, second you won't have a really complex passphrase
there also. So the question is what's more important - the ability to read
encrypted content on the device - or to be safe no one can decrypt messages
encrypted to my main key and create signed messages using my key. In my
case it's sufficient to know that there is an encrypted message waiting to
be read on a properly secured device.

BTW, I even use a SmartCard to store my secret key on, so I couldn't use
it on most mobile devices anyway. But I easily know that only I am in the
possession of my private key.

> The private key is actually always symmetrically encrypted, right?

Yes, as long as it is protected by any passphrase.

> Personally I usually don't use a long passphrase (because I see it as 
> unlikely that anyone will go through the effort of obtaining my private key
> from my device), but certainly when sending the private key over the wire
> this would be necessary. Maybe Enigmail could prompt the user to change the
> key password when it is sent by email and recommend a really long
> passphrase (as it is only needed twice). The user would then just need to
> change the password back to something reasonable after receiving the key.

IMHO that's something the user should care for himself, that's not something
a GUI should implement. Choose a reasonable passphrase on your master device,
distribute your key by USB flashdrive / email / dropbox / encrypted ANYbox
and change the passphrase to your needs.

> This isn't an option really, since it would spell trouble for "dumb" 
> devices like Android where you probably can't assume support for such fancy
> things.

Sorry, I just tested on my Galaxy Note - you're right, Android seems to have
no built-in support for ZIP at all. I never noticed since all my devices have
Total Commander installed ;-)

Olav
- -- 
The Enigmail Project - OpenPGP Email Security For Mozilla Applications
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Dies ist eine elektronische Signatur - http://www.enigmail.net/
-----END PGP SIGNATURE-----
