Comment 4 for bug 269403

Matthew Exon (ubuntubugs-mexon) wrote :

"The file is still encrypted with the private key's password. I don't think there's any more danger than the file sitting on their computer."

Firstly, by default when you create a new key it is not password protected. I didn't even realise this was something you could do in Seahorse until I saw it mentioned above. This in itself is a bug. Secondly, the kind of passwords used by normal people are eminently hackable once they're in the wrong hands, so yes, it is much more dangerous to have my password-protected key out there in public than having it on my computer.

But in general this cavalier attitude to what is supposed to be important security infrastructure is shocking. In the real world, you just don't put the button to shut down your nuclear reactor's coolant system next to the button that makes the coffee. You don't put it anywhere remotely accessible by anyone not deliberately looking for it, and you hang a big sign on it. I completely disagree with the original poster: one warning is not nearly enough.

As a first step, "Export Complete Key" should be renamed "Export All Private Keys". The file it generates should not be "<Name>.asc" but "<Name>'s Private Key.asc". Then, it should come with a warning that the generated file should be protected. Next, that shouldn't even be a button on the "Details" tab, it should be hidden in a menu somewhere (if it's needed at all). Alternately, make it an option in the "Export Public Key" dialog to include the private key (off by default, obviously). The button on the details tab should be repurposed to do an "Export Public Key". Finally, the icon for "Export All Private Keys" should be redesigned to be completely different to that for "Export Public Key". Probably something along the lines of a big red explosion with body parts flying out.
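The danger the comment describes is an exported `.asc` that silently contains a secret key with no passphrase on it. As an added example (not from this bug report and not Seahorse or GnuPG code), the following script inspects such a file before it is shared: it dearmors the key block, walks the OpenPGP packets and reads the S2K-usage octet of the first secret-key packet, which is 0 when the secret material is stored in the clear. It assumes v4 keys with old-format packet headers (what GnuPG writes for key packets); `build_sample` constructs a toy packet so the check runs offline.

```python
import base64
import re

# Public-key MPIs that precede the S2K-usage octet in a v4 secret-key packet (RFC 4880 5.5.3)
PUBLIC_MPI_COUNT = {1: 2, 2: 2, 3: 2, 16: 3, 17: 4}          # RSA variants, Elgamal, DSA
ARMOR_RE = re.compile(r"-----BEGIN PGP (PRIVATE|PUBLIC) KEY BLOCK-----\r?\n(.*?)-----END PGP \1 KEY BLOCK-----", re.S)

def dearmor(text):
    # Return (block_kind, raw_packets) for the first armored key block in text
    m = ARMOR_RE.search(text)
    if not m: raise ValueError("no PGP key block found")
    body = re.split(r"\r?\n\r?\n", m.group(2), 1)[-1]          # drop armor headers, if any
    b64 = "".join(l for l in body.splitlines() if l and not l.startswith("="))   # '=' line is the CRC24
    return m.group(1), base64.b64decode(b64)

def s2k_usage(packets):
    """S2K-usage octet of the first secret (sub)key packet, or None; 0 = secret MPIs stored in the clear."""
    i = 0
    while i < len(packets):
        hdr = packets[i]
        if hdr & 0x40 or hdr & 3 == 3:                        # only old-format headers with explicit lengths
            raise ValueError("packet header form not handled in this example")
        tag, n = (hdr >> 2) & 0x0F, 1 << (hdr & 3)            # tag bits, number of length octets
        length = int.from_bytes(packets[i + 1:i + 1 + n], "big")
        body = packets[i + 1 + n:i + 1 + n + length]
        if tag in (5, 7):                                     # secret key / secret subkey packet
            assert body[0] == 4, "only v4 key packets handled"
            pos = 6                                           # version(1) + creation time(4) + algorithm(1)
            for _ in range(PUBLIC_MPI_COUNT[body[5]]):
                pos += 2 + (int.from_bytes(body[pos:pos + 2], "big") + 7) // 8   # skip one MPI
            return body[pos]
        i += 1 + n + length
    return None

def classify_export(text):
    # What the exported file actually contains: the fact a "protect this file" warning should rest on
    kind, packets = dearmor(text)
    if kind == "PUBLIC":
        return "public key only"
    return {None: "private block without secret-key packet", 0: "UNPROTECTED private key"}.get(
        s2k_usage(packets), "passphrase-protected private key")

def _mpi(n):                                                  # OpenPGP MPI: 2-octet bit length + magnitude
    return n.bit_length().to_bytes(2, "big") + n.to_bytes((n.bit_length() + 7) // 8, "big")

def build_sample(s2k_byte):
    """Constructed toy v4 RSA secret-key packet (tag 5, old-format header); not a real key. Only the
    S2K-usage octet is inspected, so the bytes after it are not a faithful protected-key layout."""
    body = (b"\x04" + (1220000000).to_bytes(4, "big") + b"\x01" + _mpi(0xC0FFEE) + _mpi(65537)
            + bytes([s2k_byte]) + _mpi(0x1234) + b"\x00\x00")
    packet = bytes([0x95]) + len(body).to_bytes(2, "big") + body
    return ("-----BEGIN PGP PRIVATE KEY BLOCK-----\n\n" + base64.b64encode(packet).decode()
            + "\n-----END PGP PRIVATE KEY BLOCK-----\n")
```

Run `classify_export(open("Name.asc").read())` on a real export; a result of "UNPROTECTED private key" is exactly the file the comment argues should never be produced without a loud warning.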