I've-forgotten-who writes:
Since we need a passphrase to access our secret key, it is reasonable to think that our secring.pgp file is pretty secure, as long as our passphrase is notrivial. What am I missing here?
There are two security items here. The first is that the secret RSA key nott be revealed. The second is that the name attached to that key pair not be revealed. Derek writes:
The secret key on the secring.pgp is IDEA-encrypted... So, it is only as strong as IDEA, and your passphrase.
This protection applies to the first criterion--your secret key is not revealed. No one can steal your key and impersonate you. The second datum, name attached to a key, is protected only by one's sole possession of the secring.pgp file. If you are using a pseudonym, and using an RSA signature to enforce it, and doing thing with this pseudonym that you don't want identified with you, then you'd better make sure that secring.pgp file is not discovered on your machine. The format of the keyring file is such that the name attached to a key is in the clear. This is really a huge hole. Since secret keys are presumed to be in the possession of only those who actually use the keys, possession of a secret key on the secring.pgp is tantamount to proof that you are that pseudonym. In short: everything about a secret key ring should be encrypted. A parallel (not as consequential): everything about a public key ring should be encrypted. Eric