I've noticed that both my old hosting service and my new one have an option on the control panel for managing keyrings (old one was GnuPG, new one is OpenPGP). How is that useful? I thought it was not a good idea to store keys on a remote machine. Or was that just for private keys? But even so, what kind of stuff could I even do by keeping a bunch of public keys on my web server?
[Edit: Ah, it turns out that OpenPGP is a standard used by GnuPG...]
[ July 23, 2004, 03:24 PM: Message edited by: saxon75 ]
Posted by fugu13 (Member # 2859) on :
Not keeping your private key(s) on a server is generally a good idea. Keeping public keys there is fine; more than fine, in fact. By keeping public keys on your server you could encrypt messages and other information destined for that person. Also, you could manage your own public keys and make them available to people who wanted to do the same for you.
Posted by katharina (Member # 827) on :
I keep the keys in a handmade ceramic bowl on the marble-topped stand in my entryway. The computer is too far away.
Posted by TomDavidson (Member # 124) on :
If you're paranoid enough to use key-based encryption, you should be too paranoid to let another company host the box that's doing your encryption.
Posted by fugu13 (Member # 2859) on :
*chuckle* Tom, there are valid reasons for encrypting communications on occasion other than paranoia. And if you trust your webhost (or even better, just use it to store the public keys and do the encryption yourself), there's no reason not to allow it to do the encryption. After all, its a web of trust, not a web of distrust.
My primary use of GPG is signing, myself, which makes server side storage of keys much less essential. I just collect public keys from people I know of on the off-chance I'll need to send them something encrypted. And frankly, if I'm sending sensitive information and can encrypt it, I might as well; it would be silly not too. Ultimately, that's what public key/private key communication is about: bringing recipient based encryption and identity signing ubiquitously and pretty much transparently to people who want it (and hopefully to even more people in the future).
Posted by MacBeth (Member # 5670) on :
errr. I forgot your sight...when I last left off homeboy got bitten by the wereboar and you were all fighting off the undead....Little help here?
Posted by MacBeth (Member # 5670) on :
::Bump:: Seriously I know it was some time ago but I wanted to know what happened...although you were merely role-playing the story was pretty engaging...once you got past the whole rolls thingy
Posted by MacBeth (Member # 5670) on :
Ok nm I found it again...but really man $16.00 for a mug??!! ouch Posted by Annie (Member # 295) on :
Kat, that was the very snide response I was about to make...
![[Wall Bash]](graemlins/wallbash.gif)
![[Big Grin]](biggrin.gif)