Re: [tlug] Managing PGP keys on multiple machines

["Gernot Hassenpflug" <aikishugyo@example.com>]

On Tue, May 20, 2008 at 9:56 PM, Curt Sampson <cjs@example.com> wrote:
> On 2008-05-20 18:22 +0900 (Tue), Mike Mazur wrote:
>
>> On Mon, 19 May 2008 17:39:59 +0900
>> Curt Sampson <cjs@example.com> wrote:

/../

>> Good suggestions, thanks. But it all comes down to having the private
>> key in two places, and should it get away from me in either place then
>> I need to revoke it and generate a new key pair.
>
> Err...if you keep it solely on a USB key, isn't that in one place?

That seems to be the way most people I know are doing it these days,
although a lot of them don't really know what they're doing:
fingerprint reader on the USB key with software on the USB key to poll
applications that need keys. Gah!

>> I keep thinking whether it would be better to have to separate key
>> pairs (one for each machine) and use them at the same time, but it
>> seems too inconvenient for others; ie: which key to encrypt with when
>> sending me email?
>
> Well, they can always use both.

I'm using one GPG key for work and one on my home machine. Both are
publicized. I don't think there's any problem with using two keys
though you'd probably still need to have both on each machine if you
want to read your own messages encrypted with either I suppose.

Gernot