For important things I write down my passwords and put them in my wallet.
Then I also save another copy somewhere else.
The choice is simple really.
Do you want to keep track of a password..
or depend on the security of every machine in Canonical, every workstation
in the data center that people come into contact with that people use to
access administrative portions of the "cloud"? Do want to trust the
security of every machine on the cloud? Do you want to trust every
employee, every administrator, every janitor that access to the machines
that house your data?
All in all it is a massive undertaking trying to keep data safe and
security for what will be practically forever if you take the approach that
users should take no responsibility for their data!
And it's hugely expensive undertaking, to boot. It is virtually impossible
to do in correct manner if you think about it.
Meanwhile if your job is to handle already encrypted data then it is much
simpler. You could post your customer's data to craigslist and not have to
worry about it.
It is not difficult to print out copies of your keys into ascii armor
format and put a hard copy in a secure place. People do that shit all the
time with all sorts of documents. They rent out lock boxes in banks, go and
get fire-proof safes at Walmart for 50 bucks, and all sorts of stuff like
(and, frankly, the notion that you should never write down your passwords
or create hard copies of your keys is one of the worst pieces of security
"common sense" I have had the misfortune to run into over and over again.)
If you value your data and want to be able to use Ubuntu's cloud service
for anything other then a toy or a cheap way to sync address books then
client-side encryption is just the obvious way to go from my perspective.
I could be wrong, but it makes sense to me.