OpenPGP Secret Key Transfer
Guilhem Moulin
guilhem at fripost.org
Mon Jun 5 16:12:15 CEST 2017
Hi there,
On Sun, 04 Jun 2017 at 17:04:59 -0400, Daniel Kahn Gillmor wrote:
> On Fri 2017-06-02 17:54:46 +0200, Werner Koch wrote:
>> On Fri, 2 Jun 2017 17:14, look at my.amazin.horse said:
>>
>>> Moving secret keys between devices at a meeting, is this a common use
>>> case? Can you elaborate?
>>
>> Project releated (sub)keys. Not very common today but I hope in the
>> future this will be a standard practise.
>
> This idea is neat; but it sounds speculative and only useful to a
> certain subset of people (not everyone is involved with projects that
> use split or shared keys).
For signature verification I think we would need some mechanism to tell
GnuPG to limit the scope of this or that subkey. FWIW I brought that up
to gnupg-devel in autumn 2015, and proposed to use certification
notation to limit subkey scopes:
https://lists.gnupg.org/pipermail/gnupg-devel/2015-November/030576.html
(I wish I could limit the scope of the signing subkey I use for Debian
packages for instance, and take it offline. ;-)
Cheers,
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: </pipermail/attachments/20170605/f5934f54/attachment-0001.sig>
More information about the Gnupg-devel
mailing list