[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] Why 'duplicity without private key' is a bad idea -
From: |
Radomír Černoch |
Subject: |
Re: [Duplicity-talk] Why 'duplicity without private key' is a bad idea - WAS: Restart duplicity without private key |
Date: |
Thu, 19 Jun 2014 15:33:22 +0200 |
On 19 June 2014 15:07, <address@hidden> wrote:
> On 19.06.2014 14:22, Radomir Cernoch wrote:
>> OK, I see your point. I had 2 motivations for the "without private key":
>> 1) Backup several machines with a single key pair for easier management.
>
> that's insecure by design
Really? Could you elaborate on this, please?
I planned to use a public key for encryption and store the private key off-line.
In what ways is this less secure than your proposed scenario?
>> Your solution indeed solves both issues. However, there is a price to
>> pay: Twice the storage and twice the processor time for encrypting.
>
> don't understand, why? you mean key creation?
Sorry, this was a mistake on my side. After having read more about
GPG, the rest of my questions became irrelevant.
[Duplicity-talk] Why 'duplicity without private key' is a bad idea - WAS: Restart duplicity without private key, edgar . soldin, 2014/06/19