From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1QhYUh-0001DO-SK for bitcoin-development@lists.sourceforge.net; Fri, 15 Jul 2011 02:51:11 +0000 X-ACL-Warn: Received: from zinan.dashjr.org ([173.242.112.54]) by sog-mx-4.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1QhYUb-0003ZY-Vz for bitcoin-development@lists.sourceforge.net; Fri, 15 Jul 2011 02:51:11 +0000 Received: from ishibashi.localnet (fl-67-77-87-241.dhcp.embarqhsd.net [67.77.87.241]) (Authenticated sender: luke-jr) by zinan.dashjr.org (Postfix) with ESMTPSA id CEA275605CC for ; Fri, 15 Jul 2011 02:50:57 +0000 (UTC) From: "Luke-Jr" To: bitcoin-development@lists.sourceforge.net Date: Thu, 14 Jul 2011 22:50:42 -0400 User-Agent: KMail/1.13.7 (Linux/2.6.39-gentoo; KDE/4.6.4; x86_64; ; ) X-PGP-Key-Fingerprint: CE5A D56A 36CC 69FA E7D2 3558 665F C11D D53E 9583 X-PGP-Key-ID: 665FC11DD53E9583 X-PGP-Keyserver: x-hkp://subkeys.pgp.net MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Message-Id: <201107142250.44189.luke@dashjr.org> X-Spam-Score: 0.0 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain 0.0 AWL AWL: From: address is in the auto white-list X-Headers-End: 1QhYUb-0003ZY-Vz Subject: [Bitcoin-development] Wallet encryption migration X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Jul 2011 02:51:11 -0000 Just wanted to get these suggestions out here: 1. Write over the old, unencrypted wallet.dat a couple of times with pseudo- random data in an attempt to secure-delete it. 2. Mark all the keys imported from an unencrypted file (wallet or otherwise) as "potentially compromised" and never use them for new addresses (basically, don't use the old keypool for getnewaddress, change, and such).