trusting secret keys

Johan Wevers johanw at
Fri May 14 09:38:43 CEST 2004

Atom 'Smasher' wrote:

>i would think that if someone has possession of both the private and
>public pieces of a key, there's no reason why the key shouldn't be
>trusted... at least as a default. are there situations where one can't (or
>shouldn't) trust them self?

I can think of a multi user (company?) setup where several secret keys with
different passwords are on a server, and someone can only use the key where
he/she knows the passphrase from. In that case, having access to the secret
key isn't enough, knowing the passphrase is also required.

ir. J.C.A. Wevers         //  Physics and science fiction site:
johanw at   //
PGP/GPG public keys at

More information about the Gnupg-users mailing list