David Shaw on Sun, 16 Feb 2003 08:34:13 -0500
On Fri, Feb 14, 2003 at 07:01:19PM -0500, gabriel rosenkoetter wrote:
> On Fri, Feb 14, 2003 at 06:32:03PM -0500, Jeff Abrahamson wrote:
> > This is one reason to change your encryption keys frequently (thus
> > having lots of encryption sub-keys). What would be subpoenaed,
> > presumably, would be the decryption key, not your passphrase. So your
> > signing key is safe.
> >
> > (Remember, if you "forgot" your passphrase, you better never sign
> > anything again.)
>
> Not disagreeing, just picking nits:
>
> This happens to be true for the exact format of PKI that OpenPGP
> uses, but it's not generally true (not even generally true of PKI
> systems).

Not true for OpenPGP either. You can have a different passphrase on
your signing (sub)key than on your encryption (sub)key, even if they
are the same "key" overall.

David

--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson

_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug