Public/private key encryption is still far, far too complex. And storage of the private key is so risky-- where does it go?
-
-
Replying to @codinghorror
@codinghorror For keys used for login purposes, you encrypt them with a strong passphrase and revoke/reissue upon any possible compromise.1 reply 0 retweets 0 likes -
Replying to @RichFelker
@codinghorror The idea being that cracking the passphrase takes longer than the time-until-revocation no matter who the attacker is.1 reply 0 retweets 0 likes
@codinghorror Of course we still lack good infrastructure for revocation. (Think: all the githubs/bitbuckets w/ your pub key...)
3:16 AM - 7 Mar 2015
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.