PGP Encryption

[Winfried Tilanus]

On Wed, 15 Mar 2000 20:26:45 -0400 (AST), Trevor Smith wrote:

>I don't understand the reason for the above. Why would he need the
>different keys? If you have a "high security" key, what's the purpose
>of ever using the "low security" one(s)?

Maintaining a really high security key is quite a hassle. The biggest
risk is that your private key gets compromised, by error of by someone
physicly of electronicaly breaking into your computer. To avoid this
you really need to be aware all the time where your key and its copies
are (don't forget your backup or your swapfile) and who might access
those. This might be combined with a rotating key.

Working with keys like that is quite a hassle and it is easier to use 2
keys: a high securety key for those rare, but very sensitve things and
one low security key for day to day use.

>>BTW, your comment about the truly paranoid is not very fair :-)
>
>I said *or truly persecuted* too!

What is the difference? In my case: it is my job to talk / write /
e-mail confidentially with people that are in some sort of trouble.
Some of them are, or might be, persecuted. My work is fully legal. The
police and intelligence services are only allowed to ask me for
information and may not force me to give it. Still the experience has
shown that some level of paranoia is justified ...


Best wishes,
Winfried

http://web.inter.NL.net/users/Winfried/