Re: Triple encryption...
Mike Johnson wrote:
Naturally, the two aren't mutually exclusive, but I'll not buy a vault door for my house unless I've got a vault to put it on.
Perhaps not, but I would not call a person who decides to do so, for reasons of his own, "rabid, clinically paranoid" - a phrase you used in your original post. While I might chuckle at his inconsistent approach, I wouldn't call the men in white coats to take him away. In fact, I DON'T KNOW whether his approach is "reasonable" or not until I have a chance to evaluate the perceived threat he's protecting against. If the potential burglar he's concerned about is an expert lockpicker who has a phobia about breaking glass, then your hypothetical "vault door" *MIGHT* make sense, to continue the analogy. The point being, I'm not in a position to make that decision for him.

Technically, it might be easier to use the third degree on someone rather than attempt to break even a 384 bit public key, but sheer level of effort is not always the whole story. Let's say I stumbled across an encrypted message from someone I knew, not addressed to me, that I thought might be "interesting" to decipher. I *MIGHT*, hypothetically, be willing to write a program that would run in the background on my PC, even if it took many, many years, or even decades, to arrive at a solution by brute force. Breaking into the guy's house, or torturing his passphrase out of him might be "faster", or "easier" for me, but that's not the nature of the "threat" I'd pose, since I, as an "attacker" would also be weighing risks versus rewards. While I might be willing to wait years or even decades to satisfy my curiosity, the message is probably not valuable enough to risk a prison term for.

Thus, a longer key, more layers of encryption, etc. might make more sense (for him against me) than buying an expensive safe to store his keyring in, or splitting it up as a "shared secret" so that a "rubber hose" attack on any one person would not reveal the entire key/passphrase.

Also, the envelope of encryption protection needs to be "pushed". As processing becomes faster and cheaper, currently "secure" technologies could become vulnerable. What seems "clinically paranoid" today might seem "reasonable" in a decade or two, who knows? Why not get them tested and proven BEFORE they're absolutely needed, even if that testing is at the hands of people willing to risk being considered "paranoid"?

/--------------+------------------------------------\
|              | Internet: davesparks@delphi.com    |
| Dave Sparks  | Fidonet: Dave Sparks @ 1:207/212   |
|              | BBS: (909) 353-9821 - 14.4K        |
\--------------+------------------------------------/