Splitting encryption/signing between two gpg processes?

Werner Koch wk at gnupg.org
Wed Feb 22 17:44:45 CET 2012

On Wed, 22 Feb 2012 17:18, joanna at invisiblethingslab.com said:

> Unfortunately the above setup has the following drawback -- in order to
> encrypt messages to other people, and/or to verify other people's
> signatures, one would need to import all those people's keys into the
> 'keys' domain. This is something we would like to avoid, as it

Did you consider using GnuPG-2?  You would run gpg-agent in your
trusted VM and gpg in the work VM.  GnuPG-2 has been designed to
separate private key and public key operations.  Currently gpg-agent and
gpg run on the same machine using a Unix domain socket for IPC.  However
there is nothing which prevents the use of another communication
channel.  In fact, when I ported GnuPG-2 to WindowsCE I modified our
libassuan IPC library to allow TCP connections for easier testing.

The 2.0 branch implements this design only for GPGSM (S/MIME), but the
2.1 development version fully implements the design and keeps the
OpenPGP keys solely under the control of the gpg-agent.  I have been
using 2.1 for more than a year now.



Thoughts are free.  Exceptions are governed by a federal law.
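The split Werner describes, as an added toy model that is not GnuPG's code: an agent-like process holds the secret and answers signing requests over an Assuan-style line protocol, while the client on the other end of the socket only ever ships a digest and receives a signature. The key, the HMAC standing in for the OpenPGP signature, the `PKSIGN` exchange and the socketpair are assumptions of the example; a real gpg-agent listens on a Unix domain socket and the two ends would live in different VMs.

```python
import hashlib, hmac, socket, threading

def assuan_escape(data):
    # Percent-escape the bytes that may not appear raw on an Assuan line.
    return b"".join(b"%%%02X" % b if b in b"%\r\n" else bytes([b]) for b in data)

def assuan_unescape(line):
    out, i = bytearray(), 0
    while i < len(line):
        if line[i:i + 1] == b"%":
            out.append(int(line[i + 1:i + 3], 16)); i += 3
        else:
            out.append(line[i]); i += 1
    return bytes(out)

def agent(sock, secret):
    # Trusted side: serves PKSIGN; `secret` never crosses the socket.
    f = sock.makefile("rwb", buffering=0)
    f.write(b"OK Pleased to meet you\n")
    for line in f:
        cmd, _, arg = line.rstrip(b"\n").partition(b" ")
        if cmd == b"PKSIGN":  # HMAC stands in for the OpenPGP signature (assumption)
            sig = hmac.new(secret, assuan_unescape(arg), hashlib.sha256).digest()
            f.write(b"D " + assuan_escape(sig) + b"\nOK\n")
        elif cmd == b"BYE":
            f.write(b"OK closing connection\n"); break
    sock.close()

def client_sign(sock, digest):
    # Untrusted side: ships only the digest and gets back only the signature.
    f = sock.makefile("rwb", buffering=0)
    if not f.readline().startswith(b"OK"): raise RuntimeError("no agent greeting")
    f.write(b"PKSIGN " + assuan_escape(digest) + b"\n")
    sig = b""
    for line in f:
        line = line.rstrip(b"\n")
        if line.startswith(b"D "): sig = assuan_unescape(line[2:])
        elif line.startswith((b"OK", b"ERR")): break
    f.write(b"BYE\n")
    return sig

def sign_in_split_processes(secret, message):
    # Agent and client on the two ends of a socketpair (threads here; separate VMs in the design).
    a, c = socket.socketpair()
    t = threading.Thread(target=agent, args=(a, secret)); t.start()
    sig = client_sign(c, hashlib.sha256(message).digest())
    c.close(); t.join()
    return sig

def verify_on_trusted_side(secret, message, sig):
    return hmac.compare_digest(hmac.new(secret, hashlib.sha256(message).digest(), hashlib.sha256).digest(), sig)
```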
