trusting secret keys
johanw at vulcan.xs4all.nl
Fri May 14 09:38:43 CEST 2004
Atom 'Smasher' wrote:
>i would think that if someone has possession of both the private and
>public pieces of a key, there's no reason why the key shouldn't be
>trusted... at least as a default. are there situations where one can't (or
>shouldn't) trust them self?
I can think of a multi user (company?) setup where several secret keys with
different passwords are on a server, and someone can only use the key where
he/she knows the passphrase from. In that case, having access to the secret
key isn't enough, knowing the passphrase is also required.
ir. J.C.A. Wevers // Physics and science fiction site:
johanw at vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
More information about the Gnupg-users