On Tue, Sep 9, 2008 at 18:50, Matt Harrison <[EMAIL PROTECTED]> wrote:
>> It looks like I've imported a pub/sec keypair now. Should I remove
>> the public key for security? Maybe I misunderstood from the beginning
>> and having both keys on the same system isn't a security issue?
>>
>> - Grant
>>
>
> It is still a security issue, but only as much as any other data on your
> machine. Physical access to the box, or being remotely hacked will
> always be a security risk.
>
> And yes, if someone does break in and copy your pub/sec keypair, they
> will have full ability to masquerade as you in signed and encrypted emails.
>
> You have to weigh it up for yourself really. Many, many keep pub/sec
> keypairs for their email on more than one machine. Of course it would be
> a lot of work for someone to compromise your system for your gpg keys,
> so your email would have to be of value to them.

It's always possible to generate a revocation certificate and store it
in a safe place (CD, USB key etc.)

http://www.gnupg.org/gph/en/manual/c14.html

regards,

Boris.

>
> Just my $0.02
>
> Matt
>
>

--
$ ruby -e'puts " .:@BFegiklnorst".unpack("x4ax7aaX6ax5aX15ax4aax6aaX7ax2 \
aX5aX8axaX3ax8aX4ax6aX3aX6ax3ax3aX9ax4ax2aX9axaX6ax3aX2ax4 \
ax3aX4aXaX12ax10aaX7a").join'