On 02/15/2013 10:25 PM, Nick M. Daly wrote: > For example, is it acceptable if the client's secret key be exposed > when the box is rooted by attackers? (Probably not, but that does > let the host act as a trust proxy without relying on subkeys, or > other weird yet conceptually interesting trust models).
what's wrong with using subkeys or explicitly designating a trust proxy?
it seems like the tradeoff (of having a rootable machine hold your
basic secret key identity material) is clear enough to make the use of
explicitly revokable proxies worth doing.
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
