Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Keychain export: workaround' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Keychain export: workaround
Authored by: clements on Feb 06, '04 12:31:28PM

Looks like the best workaround for the problem I reported yesterday is to:
1) create a new keychain,
2) move all keys _other_ than the thawte ones into this new keychain
3) copy the existing keychain to the new machine
4) use the "File>Add Keychain" operation to add the new keychain.

Note that step two can be REALLY tedious, as you'll have to type your password once per key (depends on your settings, of course).

My personal suspicion as to why the public key can't be moved is that it and the private key were both created with the same name. Pure speculation on my part, of course.



[ Reply to This | # ]
Keychain export: workaround
Authored by: thornrag on Apr 06, '04 02:34:45PM

Actually, making sure that someone can't move your certificate to another computer and start signing messages with your cert is the whole point of the system... if it's not a pain in the ass, it's not good security.

If you manage to enable two machines to read the same set of encrypted e-mails using the same set of keys, consider yourself "L337" ... and hope that someone doesn't take a shot at copying your certs to THEIR computer and start digging through your mail.



[ Reply to This | # ]