I mean i could just email it to myself. But that would somehow be missing the point :) But if I did, it probanly be good if the generated pk was passphrase protected. Which isnt possible at the moment with openpgp.js...
I think before defending against some difficult attacls it would make sense to start at those basics :) Am 26.02.2012 08:13 schrieb "Tankred Hase" <[email protected]>: > One fundamental problem in terms of alavailability (thats a secueity goal > as well) is how to get my private key from device A to device B. Its all > great of I can upload and view my encrypted files in pgpbox on my pc. But > one main usecase I would see is having your documents during travelt. For > instance I want a scan of my passport and creditcards stored in pgpbox, in > case my wallet gets stolen. > > Does anyone have a good suggestion of how to transfer your private to your > android phone for instance? > Am 26.02.2012 05:14 schrieb <[email protected]>: > >> On 25/02/12 09:32, Fabio Pietrosanti (naif) wrote: >> >> > I would also invite to consider in the "taxonomy of problems" the >> > possible way of deployments of JS crypto: >> > >> > - Mobile Application >> > Javascript can be used to build mobile applications (PhoneGap) where the >> > code is delivered compiled in a normal application. >> > >> > - Self-contained "offline" HTML5 Application >> > Single self-contained HTML5 application can be used by users, not >> > necessarily downloading it every time from the web. >> > Those can be online (interactive with external services via REST) or >> > offline (interacting with local data). >> > Two example are the "online" TiddlyWiki (http://www.tiddlywiki.com/) >> and >> > the "offline" SelfDecryptEmail ( >> http://leemon.com/crypto/SelfDecrypt.html) >> > >> > - Pure Web application (web-delivered) >> > That's the most common context we think at and for which most security >> > risks are considered/perceived. >> > >> > - Browser plug-in application >> > That's the typical option to be provided and suggest to let the user >> > have a verification method for the JS code (code verification and/or >> > code delivery). >> >> You forgot one. Server side JavaScript applications. I've recently >> started learning NodeJS (http://nodejs.org/) and am looking forward to >> using OpenPGP.js with it one day. >> >> -- >> Mike Cardwell https://grepular.com/ http://cardwellit.com/ >> OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F >> XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4 >> >> >> _______________________________________________ >> >> http://openpgpjs.org >> >>
_______________________________________________ http://openpgpjs.org
