Public/private key encryption is still far, far too complex. And storage of the private key is so risky-- where does it go?
@codinghorror For keys used for login purposes, you encrypt them with a strong passphrase and revoke/reissue upon any possible compromise.
-
-
@codinghorror The idea being that cracking the passphrase takes longer than the time-until-revocation no matter who the attacker is. -
@codinghorror Of course we still lack good infrastructure for revocation. (Think: all the githubs/bitbuckets w/ your pub key...)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.