Re: [tlug] gpg (was) advice to consider upgrading to RH9

[Jonathan Byrne <jq@example.com>]

On Wed, Aug 13, 2003 at 02:49:33PM +0900, Shawn wrote:

>>I keep that kind of thing in at least two of the following:

>Um I don't quite follow.  Do you keep two keys seperately?

Sorry.  I meant I keep the sensitive data in at least two locations,
such as in an encrypted DB on my PDA and a gpg-encrypted file on
my disk or on a flash drive.

>Or do you just encrypt to one key and use a pass phrase to get at it 

On my computer, I use gpg, so that encrypts with my public key
and decrypts with my private key.

The app on my PDA simply encrypts with a passphrase.  I don't
know how strong the crypto itself is, but I make sure to at
least use a strong passphrase.  Gotta check around see if there's
a version of gpg for PalmOS.  I hate to think of how long it might
take to encrypt and decrypt on a 16 Mhz Dragonball, though :-p

I also keep a backup of the PDA on compact flash, so that if it
dies or is stolen, I can quickly recover the data I keep there and
set about changing passwords.  Odds are I can change them faster than
someone can discover they are there and crack the passphrase.

Jonathan
-- 
gpg --keyserver pgp.mit.edu --recv-keys ACC46EF9

Attachment: pgp00038.pgp
Description: PGP signature