here's another point that is closely related and along the way explains more about the general topic.

in order to encrypt something, such as a regular backup, in such a way that the human need not be present, it is necessary to use asymmetric encryption, so that passphrases do not need to be supplied.

because the secret key is necessary for decryption, however, it *must* be included along with the encrypted file.  if you do not do this, you might lose your homedir and only have access to the encrypted file, which would be useless.  when you have to keep track of 2 files, there is always the risk that one gets lost or changed.

naturally, including the secret key is less secure than having the secret key separate, because an attacker can attempt brute forcing the passphrase, but it is a reasonable tradeoff in limited circumstances such as certain types of regular backups.

now there are 2 choices: either include the entire homedir with the encrypted file, or only include the secret key.  technically, only the secret key is necessary -- now -- so it would seem more secure to only include the secret key.  i do not know if this is true from a strict crypto perspective -- does having the other information in the homedir, such as the public key, help an attacker?  but somebody might not want the other information there, for whatever reason, such as because there is revealing information in the public key ring.

on the other hand, if you only include the secret key, there is a risk that a new version of gnupg will not be able to decrypt with only the secret key present.  this is a risk from the user's perspective -- the user does not know what kinds of homedir assumptions gnupg will make in the future.  it is a future-proofing issue.  gpg developers are probably pretty confident one way or the other, but if gpg is potentially developed with the assumption that nobody will ever want to include only the secret key, then the user doesn't know whether some other part of the homedir will become necessary for decryption in a future version of gpg.

so not only is there an issue of needing to be sure that gpg will properly serialize a homedir in such a way that it contains everything necessary for decryption, but there is also an issue of whether the secret key by itself (whether it is serialized or merely copied from ~/.gnupg -- both must be possible) will remain sufficient for decryption.

the general issue is more important, of course, because without it, it is impossible, while if you have to include the entire homedir, you are "merely" potentially incurring privacy leaks and you can work around them by creating a clean homedir if gpg lets you.

i hope this helps.  let me know if anything was not clear enough.
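An added example (not part of the original post) of the procedure discussed above, as a POSIX shell function for GnuPG 2.1 or later: it builds a clean homedir so the public keyring carries nothing but the backup key, encrypts a constructed sample file, exports only the passphrase-protected secret key next to the ciphertext, and then checks the worry raised in the post by decrypting in a second, empty homedir that holds nothing but that exported key. The user ID backup@example.invalid, the passphrase and the file names are made up for the example.

```shell
#!/bin/sh
# Added example, not from the original post.  Requires gpg (2.1+) and
# gpgconf in PATH; all names below are constructed for illustration.
set -eu

UID_='backup@example.invalid'          # hypothetical key user id
PASS='constructed-test-passphrase'     # the only thing protecting the key
                                       # once it travels with the ciphertext

make_and_verify_backup() {
    work=$(mktemp -d)
    src="$work/src.gnupg"; chk="$work/check.gnupg"
    mkdir -m 700 "$src" "$chk"
    # let --passphrase work non-interactively in both homedirs
    echo allow-loopback-pinentry > "$src/gpg-agent.conf"
    echo allow-loopback-pinentry > "$chk/gpg-agent.conf"

    # 1. clean homedir with exactly one key (no other public keys leak)
    gpg --homedir "$src" --batch --quiet --pinentry-mode loopback \
        --passphrase "$PASS" --quick-gen-key "$UID_" default default never

    # 2. constructed stand-in for the backup payload
    printf 'constructed backup contents\n' > "$work/backup.tar"

    # 3. encrypt to the public key: no human and no passphrase needed here
    gpg --homedir "$src" --batch --quiet -r "$UID_" \
        -o "$work/backup.tar.gpg" -e "$work/backup.tar"

    # 4. ship ONLY the (still passphrase-protected) secret key alongside
    gpg --homedir "$src" --batch --quiet --pinentry-mode loopback \
        --passphrase "$PASS" --armor --export-secret-keys "$UID_" \
        > "$work/backup-key.asc"

    # 5. the check: fresh homedir + exported secret key + ciphertext only
    gpg --homedir "$chk" --batch --quiet --import "$work/backup-key.asc"
    gpg --homedir "$chk" --batch --quiet --pinentry-mode loopback \
        --passphrase "$PASS" -o "$work/restored.tar" -d "$work/backup.tar.gpg"

    if cmp -s "$work/backup.tar" "$work/restored.tar"; then rc=0; else rc=1; fi
    gpgconf --homedir "$src" --kill gpg-agent || true
    gpgconf --homedir "$chk" --kill gpg-agent || true
    rm -rf "$work"
    return $rc
}
```

Running the check at backup time, against whatever gpg version will do the restore, is the only way to know that the exported secret key alone still suffices.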
