[H-SASIG] Passwords and secrets

Greg Black gjb at yaxom.com
Mon Dec 21 01:16:40 EST 2009


On 2009-12-21, Russell Stuart wrote:
> On Mon, 2009-12-21 at 15:14 +1000, Daniel Devine wrote:
> > I feel funny about just throwing all of that stuff on the internet.
> > How about 2 or more flash keys with the content encrypted using the
> > GPG keys? 
> 
> Ah, yes.  It does indeed require you to make the leap of faith into
> trusting GPG's encryption, absolutely.  I did that ages ago.  I have a
> similar personal file which I distribute to all machines I manage as a
> form of backup.  It is not "publicly available", but I sure don't go to
> great lengths to hide it either.
> 
> Does anybody else have trouble making this leap of faith?

I think it would be absurd not to make the leap of faith.  Just
as it would be absurd to start talking about USB keys and the
like.  Our goal here is to make things simpler for us, not more
complicated.

And, on the subject of version control, I completely disagree
with Ray's idea of using a different system for this one file.
Whatever we decide to use (and I thought that decision had been
made in favour of Mercurial, but that's not important), we
should use it for everything.  Whether it's RCS, Hg, Git, or
whatever, it will still be one file with its associated revision
control directory, and that can be put in a tar file and
encrypted quite easily.

Greg

PS: I fixed the errant apostrophe in the Subject header because
    it drove me nuts.


