it is probably a good idea to have the key expire. I imagine there is a lot of keys out there where people did generate a key and then forgot what their passphrase was.
Also when you generate the key make a revocation cert. If you lose the key or it gets compromised you can then revoke the key.
Comment #2 posted on 2013-10-21 13:54:57 by klaatu
good point, theru
Yes, I had never thought about that use of expiry dates. Thanks.
I also never thought to make the revocation cert at the time of key generation. That's a good idea.
Thanks for listening and thanks for the tips!
Comment #3 posted on 2013-10-22 17:05:33 by Bert
I'm pretty sure that encryption is done only with the recipient's public key. You want to use your own private key to save a copy in your 'sent' folder, though. Evolution wants the sender's public key but that is AFAIK just a quirk that is specific to Evolution.
Great show!! I would like more people to get into gpg signing and encrypting messages.
Comment #4 posted on 2013-11-04 16:01:45 by theru
a bit for the tinfoilhats
found this site on Hackernews some nice tips in there
https://we.riseup.net/riseuplabs+paow/openpgp-best-practices
Leave Comment
Note to Verbose Commenters
If you can't fit everything you want to say in the comment below then you really should record a response show instead.
Note to Spammers
All comments are moderated. All links are checked by humans. We strip out all html. Feel free to record a show about yourself, or your industry, or any other topic we may find interesting. We also check shows for spam :).