On 27/08/2019 20:50, Stefan Claas via Gnupg-users wrote: > But what would be, when using computers at work or public places, then > the best strategy for using OpenPGP, without carrying a Notebook or > smartphone? The strategy I advice would be to not use GnuPG and look for alternatives.
I wouldn't look for some golden practice because I believe there is none. Bluntly speaking, GnuPG is not fit for purpose of securing everyday communication and shall not be advertised as such. Generally your keys should never leave secure environment. Secure environment can be either dedicated machine that you control or (better) SmartCard/HSM. If your keys cannot be contained in secure environment, your comms channel should be re-keyed after use. Modern communicators perform re-keying after every message. GnuPG makes re-keying very cumbersome. > There should be good solution available IMHO. :-) Sadly, GnuPG never delivered friendly user experience. It found it's niche in some specialized use-cases, such as infrastructure - package signing, backup encryption, commands by e-mail, etc - but it never gained significant adoption among wider population. If you expected more - I' m sorry that you will be disappointed. Cheers, Chris Narkiewicz _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
