On 21/01/16 16:17, Kristian Fiskerstrand wrote:
> Not following this thread too closely, but I expect --show-session-key
> and --override-session-key has been discussed.
No, not in this thread. I hadn't mentioned it since I focussed on the
archival and rotation aspect, not access to a specific ses
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 01/21/2016 01:09 PM, Peter Lebbing wrote:
> (oops, accidentally forgot copy to list, sorry for thread breaks)
>
> On 2016-01-21 11:29, Lachlan Gunn wrote:
>> Speaking of which, is there any solution around for session key
>> archiving?
>
> Not
>
> I don't understand, what are the session keys encrypted with? I thought
> they
> were encrypted to the original smartcard subkey, which is dead. With two
> smartcards, you might be able to get by if you get all your correspondents
> to
> use the new subkey before the second smartcard dies. It s
On 21/01/16 13:34, Lachlan Gunn wrote:
> Then you rotate to the new key with little or no data loss because all of
> the session keys are logged. You can generate the key on-chip so that it is
> unable to ever leave the smartcard, which is obviously desirable from a
> security point of view.
I do
On 21/01/16 13:34, Lachlan Gunn wrote:
> You can generate the key on-chip so that it is unable to ever leave the
> smartcard, which is obviously desirable from a security point of view.
I think I prefer off-card generation, with GnuPG's random number generator,
rather than some low-power, propriet
>
> I'd say that's a bad idea anyway. What if the smartcard breaks?
>
Then you rotate to the new key with little or no data loss because all of
the session keys are logged. You can generate the key on-chip so that it
is unable to ever leave the smartcard, which is obviously desirable from a
secur
(oops, accidentally forgot copy to list, sorry for thread breaks)
On 2016-01-21 11:29, Lachlan Gunn wrote:
> Speaking of which, is there any solution around for session key
> archiving?
Not that I'm aware of.
> Key transition would be a bit more convenient if there
> were some way to automatical
On 21/01/16 12:32, Lachlan Gunn wrote:
> The first reason is that you can't do it if the key only exists on a
> smart card.
I'd say that's a bad idea anyway. What if the smartcard breaks?
> The second is that you now have to do one decryption per
> message, so if the key is on a smartcard then it
> Not that I'm aware of.
Ok, thanks, might make an interesting project then if I get some more free
time.
> Without any rigorous thought having yet gone into it, it seems they have
the same /effective/ properties.
The first reason is that you can't do it if the key only exists on a smart
card.