From: wlkngowl@unix.asb.com (Rob)
Date: Sat, 1 Feb 1997 22:02:25 -0800 (PST)
To: zachb@netcom.com ("Z.B.")
Subject: Re: Key Security Question
Message-ID: <199702020625.BAA07602@unix.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


On 31 Jan 1997 15:37:01 -0500, you wrote:

>My computer went into the shop a few days ago, and I was unable to take 
>my PGP keys off it before it went in.  What are the security risks here?  
>If the repairman chooses to snoop through the files, what would he be 
>able to do with my key pair?  Will I need to revoke the key and make a 
>new one, or will I be relatively safe since he doesn't have my 
>passphrase?  

Depends how paranoid you are, how  good your passphrase is, how much you
trust the repairman not to snoop, etc.

For the hell of it I'd revoke my key and issue a new one though. It's
not a minor inconvenience, and when people use your old key you can still
decrypt the message... just send 'em a note that you prefer they use you're
current (unrevoked) key.

--Rob