[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Key Security Question

To: "Z.B." <[email protected]>
Subject: Re: Key Security Question
From: Toto <[email protected]>
Date: Fri, 31 Jan 1997 17:51:47 -0800
Cc: [email protected]
Organization: TOTO Enterprises
References: <Pine.3.89.9701311005.A14002-0100000@netcom>
Reply-To: [email protected]
Sender: [email protected]

Z.B. wrote:
> 
> My computer went into the shop a few days ago, and I was unable to take
> my PGP keys off it before it went in.  What are the security risks here?
> If the repairman chooses to snoop through the files, what would he be
> able to do with my key pair?  Will I need to revoke the key and make a
> new one, or will I be relatively safe since he doesn't have my
> passphrase?

  If the repairman has your pubring and secring files, you can now 
consider them in the same light as a 'busted flush'.
  Chances are, he has neither the capability nor the interest in 
popping open your deep, dark secrets. On the other hand, if he 
returns your computer with a 'shit-eating grin', you may be in for
a world-of-hurt.
  My advice would be for you to check your 'paranoia level' and,
if you are a quart low, then read Phil Zimmerman's PGP documentation
once again, and make your decision based on the reality of the
possibilities involved.

Toto

References:
- Key Security Question
  - From: "Z.B." <[email protected]>

Prev by Date: Re: Complying with the EAR [was: More Circumventing the ITAR]
Next by Date: Re: Fwd:[Yet another -onics..]
Prev by thread: Key Security Question
Next by thread: Re: Key Security Question
Index(es):
- Date
- Thread