group key?
Jerry Windrel
jerry.windrel at verizon.net
Mon Apr 26 20:04:59 CEST 2004
Can you please expand on the notion of what you mean by a "group key"? Is
such a thing commonly used and in what situations?
Just to give you a reference point for possible correction... what I'm
imagining you mean is that a key pair is generated and assosicated, not with
a person as is customery, but rather with a group. The private key (and any
passphrase) would then be distributed to all members of the group (which
would be quite an unorthodox practice, in terms of PGP). Then, all messages
to the group would be encrypted to that "group key".
The ramifications of this would be: the group private key would be only as
secure as the weakest practices of any of the group members; you would be
able to add but not remove members (unless you generated a new group key).
Please clarify and correct as necessary
------------------------------------------------------------------------
There is no single group key for all users, perhaps because new users are
using new keys which, by nature, are untrusted.
--
Neil Williams
More information about the Gnupg-users
mailing list