[rini17]

Has anyone of these activists ever considered the appalling inability of average person to manage private keys properly? Whether it is Bitcoin, pgp, whatever else, using private keys on own hardware where noone else has access to is absolute prerequisite of successful decentralized crypto. Yet the privkeys keep getting leaked,stolen,lost(including Zimmermann's pgp key),cracked(due to generation by buggy software) without any good solution in sight.

[microtonal]

You will have a hard time stealing a private key remotely from a good hardware token.

(Of course a compromised machine can be used to sign using a hardware token, but that's a different level of compromise than getting the private key.)

[rini17]

Obviously the token can be stolen,too. Also,people all the time voluntarily allow others to use their tokens if convenience demands it.

Your comment is also a good example of how the concern 'people can't manage privkeys well' keeps getting handwaved away, with sad results.

[david-given]

Sounds like the obvious solution here is to provide a blessed and convenient way for one person to allow another to use their tokens in a limited fashion.

What's the actual use case here? What are people wanting to do when they do this?