[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
public accounts / PGP / passphrases
[This message has been signed by an auto-signing service.
A valid signature means only that it has been received at
the address belonging to the signature and forwarded.]
-----BEGIN PGP SIGNED MESSAGE-----
- -----BEGIN PGP SIGNED MESSAGE-----
Hal writes:
> Just create a special key for your netcom account. Use no pass phrase;
> using one would give a misleading sense of security IMO. Just pass your
> mail through "pgp -saft" or equivalent and you've got it. It is easy to
> do this from most editors.
Could someone please elaborate on the foolishness of using PGP with a
passphrase on a public machine (as I do) ? Am I wrong in thinking that my
secret key is useless to an intruder until she guesses my passphrase ? I
have no net access except via an account on a public machine, so I'm not
about to start storing my secret key elsewhere, but I'll change my passphrase
to <null> if it's irrelevant anyway. I just reviewed the PGP docs a bit and
Phil says "Nobody can use your secret key file without this pass phrase.",
which seems to contradict what many people on the list have said.
- - -L. Futplex McCarthy; PGP key by finger or server
"Don't say my head was empty, when I had things to hide...." --Men at Work
- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
iQCVAwUBLt6Cq2f7YYibNzjpAQF3KwP/ZgxKliBQe+BQ+Q0FfiN9ycxTRWRHlPWY
qF4iqmxT70uWLm6hsSX6A88EKv1E+k4mfYhVAnT8XQCTp2wEYMVOHvlFJQiKHOCj
55Cot8bL7JCrJ+lUIDdCPOnNra61F2cc+S26EyB5jIKvudzkPLsWI49galG201M7
ILld5lrJhAw=
=vc9N
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQBFAwUBLt6D+ioZzwIn1bdtAQGz5gF+Kokq6ZW/HpgRWowG2/+3QB913tJD2opJ
+gKNrxqTK40qzj/8pdNNpreKYrf4rWIi
=9YBk
-----END PGP SIGNATURE-----