Re: [Macgpg-users] iphone/ipod touch mail encryption....

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

> As we all get more and more mobile I thought it might be nice to be  
> able to encrypt/decrypt mails sent to and from these devices.

I think the best option here is actually to use a 'web service'. In  
this case, have you considered something like HushMail? Or, of course,  
the GPG support in other webmail apps such as SquirrelMail.

Regarding the security of your private key, this is already a problem  
with people who use multiple machines for email. Tokens (cards, usb  
keys etc.) are one option but they suffer from the same issue as  
storing your key on your iPhone. My feeling is that we are already in  
an environment where we need to be able to use our private keys in  
multiple (insecure) locations and we therefore have to quantify the  
real security level of the passphrase we use for the key-pair and how  
we store it.

I don't think it wise to rely on security through obscurity - hiding  
your private key on your home machine. It should be possible to have  
your private key at work, at home, on your laptop, your iPhone etc.  
safe in the knowledge that it is at least as hard to crack as an  
encrypted email.

Does anyone know whether the GPG developers are doing anything major  
to help in this problem? By preference I'd quite like to see the  
ability to separate sub-keys out from a private primary key. At the  
moment it is common practice to generate expiring encryption subkeys  
but not really to do the same for signing subkeys. If we could have a  
master signing key and expiring signing/encrypting subkeys (signed by  
the master) then take ONLY the subkeys with you, you would not expose  
your primary signing key (which has the whole web of trust thing  
attached to it) but only a reasonably disposable subkey. I suppose you  
can achieve something similar with a second primary key that you sign  
with your first primary key but this is very messy (esp. when you then  
expire the second primary key) and as the second key is a fully- 
fledged key in its own right the trust level against it would be  
harder to manage.

Robert
---
GnuPG public key:
http://www.Far-Blue.co.uk