On Sat, Feb 17, 2018 at 11:15:57PM -0500, Daniel Kahn Gillmor wrote:
On Thu 2018-02-15 21:33:05 +0100, Juergen Christoffel wrote:

I'm looking for best practice tips for offline usage of GnuPG. [...]
GnuPG's defaults should be fine for the common, simple backup case.

However, i note that you're talking about "today's public key" -- that
suggests that you're imagining a regularly-updated key that your backup
tooling will know about.  This is in some sense antithetical to "offline
usage" -- how will the backup scripts learn about the new keys if they
can't go online to fetch them?

Thanks for the feedback and sorry for the delayed answer, I've been on a
business trip.

It sounds like you're proposing an OpenPGP primary key that has a series
of relatively short-lived, expiring encryption-capable subkeys.  Is that

Yes, that's what I plan to do, generate a subkey for each month in advance
and use this to encrypt my backups.

And it seems that I shouldn't have used the term "offline usage" without a
better spec what I ment. So: GnuPG tips for communications use state that I
should do this or don't configure that in order to keep my keys compatible
with potential recipients. That's what I consider "online" use, while I use
"offline" to say that I don't intend to share encrypted stuff with external
parties, so I have no need for potential limitations

For further clarity, it'd be useful to understand what you see as the
goal of key rotation here.  Do you plan on deleting older secret
subkeys?  if so, how will you recover backups that were encrypted to the
destroyed secrets?

Backups are done from a rented root server to a rented storage server in
"the cloud" and I want to lessen the impact of a potential compromise of
these keys. That is, if I have to restore certain files from a backup, and
the machine where the decryption happens might be compromised, I don't want
all backups to be compromised in a single step.
But for backups, this is a slightly more complicated story.  It
certainly can be useful if you want to be able to robustly *destroy*
backups that might be stored on servers that you don't have full control
over.  That is: encrypt the backup to public key X, send the encrypted
copy to "the cloud", and then when you're sure you don't need it any
more, delete the secret key corresponding to X to ensure that it's not
recoverable.  But most people have a hard time just getting their
backups to happen on a reasonable schedule, and don't have a reliable
schedule for backup destruction.  Do you have such a plan?  Or do you
envision some other reason for the proposed key rotation?

The backup plan is in place and uses rotating backups, so older backups
expire anyway after some time.

Thanks for your detailed suggestions, I'll rethink my plans with them in

Regards, JC

 Doctorow's Law: Anytime someone puts a lock on something you own, against
 your wishes, and doesn't give you the key, they're not doing it for your

Gnupg-users mailing list

Reply via email to