implications of subkeys?

David Shaw
Fri Mar 1 20:38:02 2002

On Fri, Mar 01, 2002 at 05:12:24PM +0100, Janusz A. Urbanowicz wrote:
> Steve Butler wrote/napisa?[a]/schrieb:
> > The more comments I read, the closer I come to believing the best bet is a
> > key set for work and a totally separate key set for home.  Or more
> > precisely, a personal set and a business set.
> Don't do this. I did this once and still regret (my experiences with 'legacy
> v3 key' are a dim echo of this past). It complicates your web of trust
> position, you have two set of user-ids to gather signatures, you never know
> if your correspondent has the right key on and generally the hassle is
> significant. And significantly bigger than for single key.

Hmm.  Personal preference, I think.

For me, I always felt it was better to seperate my work life from my
personal life - that means two email addresses, two different keys,
etc.  There is inevitable overlap, of course, but it works well for me
that way.  It also works better if the company requires things like a
company revocation key, or worse, a company ADK.  I wouldn't want that
on my personal key.

In the USA, at least, I have read about possible legal issues with
regards to the boundaries between private and company communications.
If I send a private email from a company email address, the company
can under some circumstances ask for a copy of it.  (I am not a
lawyer, laws are different everywhere, etc.)


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson