In the recent post Getting Started with GPG we started with installing GNU Privacy Guard, generating the right kind of key, and then doing some homework before beginning to use GPG for anything important. The homework, presented here in a friendlier list form, consists of:
- Backing up the key pair to a storage device.[1]
- Plug your public key into the Phuctor to test it and bookmark its page.
- Delete and then restore your key from the back up.
- Revoke your key
- Generate a new keypair and start the exercise over again until you are incredibly comfortable with this key management thing.
- Once you have repeated the above several to dozens of times, check the bookmarked Phuctor links and make sure the public keys haven't been problematic.
- Finally, consider generating keypairs for actual uses: one to push to a keyserver and use for email and registration with Gribble, or one you do not publish and instead register with MPEx. GPG has the tools to manage multiple identities, so you can have separate keys for your actual name and for any pseudonyms you might use.[2]
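The backup, delete-and-restore and revoke steps of the list above can be rehearsed without touching your real keyring. The script below is an added example, not from the original post; it assumes GnuPG 2.1 or later, and the user ID, 1-day expiry, empty passphrase and temp-directory "storage device" are constructed for practice only.

```bash
#!/usr/bin/env bash
# Added practice example: one pass of the homework cycle in a throwaway keyring.
# Constructed values: the user ID, the 1-day expiry and the empty passphrase.
# Needs GnuPG 2.1 or later on PATH; your real ~/.gnupg is never touched.
practice_cycle() {
  local uid="Practice Key <practice@example.invalid>" home backup rc=0
  home=$(mktemp -d) && backup=$(mktemp -d) || return 1
  chmod 700 "$home" "$backup"
  (
    export GNUPGHOME="$home"
    g() { gpg --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }

    # Generate a key pair and record its fingerprint.
    g --quick-generate-key "$uid" default default 1d 2>/dev/null || exit 1
    fpr=$(g --with-colons --list-keys "$uid" | awk -F: '$1=="fpr"{print $10; exit}')
    [ -n "$fpr" ] || exit 1

    # Back up the secret key (the export also carries the public key) and
    # the revocation certificate GnuPG wrote at generation time. Here the
    # "storage device" is a temp dir; in practice it is offline media.
    g --armor --export-secret-keys "$fpr" > "$backup/secret.asc" || exit 1
    cp "$home/openpgp-revocs.d/$fpr.rev" "$backup/revoke.asc" || exit 1
    echo "backed-up"

    # Delete the key pair and confirm the secret key is really gone.
    g --yes --delete-secret-and-public-key "$fpr" || exit 1
    if g --list-secret-keys "$fpr" >/dev/null 2>&1; then exit 1; fi
    echo "deleted"

    # Restore from the backup and confirm the secret key is present again.
    g --import "$backup/secret.asc" 2>/dev/null || exit 1
    g --list-secret-keys "$fpr" >/dev/null 2>&1 || exit 1
    echo "restored"

    # Revoke: GnuPG prefixes the armor header in the .rev file with ":" so
    # it cannot be imported by accident; strip it, import, then check that
    # the key's validity field in the colon listing reads "r" (revoked).
    sed 's/^:-----BEGIN/-----BEGIN/' "$backup/revoke.asc" | g --import 2>/dev/null || exit 1
    state=$(g --with-colons --list-keys "$fpr" | awk -F: '$1=="pub"{print $2; exit}')
    [ "$state" = "r" ] || exit 1
    echo "revoked"
  ) || rc=1
  GNUPGHOME="$home" gpgconf --kill gpg-agent 2>/dev/null || true
  rm -rf "$home" "$backup"
  return "$rc"
}

# Run one cycle when the script is invoked as: ./practice.sh run
if [ "${1:-}" = "run" ]; then practice_cycle; fi
```

A key that will carry real reputation should get a passphrase and a backup on media you physically control; the empty passphrase here only keeps the rehearsal non-interactive.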
There is a reason for doing all of this practice, and it isn't that GPG is hard to use, because GPG is rather easy. The reason for all of this practice is that managing private keys is a burden. If anyone else has access to your private keys the circumstances are catastrophic, which is why any form of backing up a complete key pair to a "cloud" or a "server" is wrong.
A lot of fuss is made over how an email address is your passport and identity on the internet, but email on its own sucks at this purpose. Email headers can be forged, email passwords can be phished, and signing a contract with an email address is an impossible task. A GPG private key, though, can serve as an authoritative signature of yours, it can ensure anyone with your public key can send messages for your eyes only, and it is a stellar way to declare an identity on the internet.
This means if another party has your private key they can sign messages in your name. They can read private messages intended for you. They can really make your life a pain, and your only hope is that you can revoke your key before they do too much damage and other people see the revocation, which isn't ensured. You might owe tens, hundreds, or thousands of Bitcoins or some other consideration by the time you can revoke the key.
Then there is the burden of backing up a private key. If you register with a service like Gribble that manages the Bitcoin IRC Web of Trust, then should you lose your private key you lose access to trade and deal on the reputation you have established. In this case you want a number of backups, but no more than you can ensure the physical security of. On the other hand, if you are communicating secrets and losing the ability to read them is much more desirable than letting an adversary read them, then a tool like the upcoming Cardano may be more desirable for its ability to destroy the private key. As you are hopefully starting to see, different priorities can lead to different implications for how you probably ought to manage your keys, but as in many things the onus is on you to decide how to go about things.

[1] Necessarily one where you can ensure its physical security. Someone asked me if Dropbox is fine. Dropbox is the opposite of a fine place to keep your public key. The smallest of reasons is that "Dropbox Hacked Again" was a headline.

[2] Nearly all of the GUI tools for key management handle juggling multiple keys seamlessly. I'll discuss them later.