Multiple Subkeys/UIDs

[Grimes, Dean]

>You mention that all data enters the central location encrypted, but is
then decrypted ("for processing") and then re-encrypted.

The processing script would most likely decrypt the file piping the output
into the processing program. Once processing is complete, the script would
then mv/cp the already encrypted file to it's storage location. There would
be no need to re-encrypt the file.

>Also: once a file is archived, is it still writable?  That is, is it
>permissible to go back and edit this file to remove a particular key
>from it?

No. The file would not be editable nor would any other process write to the
file. The only activity allowed on the file would be to decrypt for reading
purposes in a designated work area to be determined and set forth in the
policy.

Dean


-----Original Message-----
From: gnupg-users-bounces at gnupg.org
[mailto:gnupg-users-bounces at gnupg.org]On Behalf Of David Shaw
Sent: Monday, March 21, 2005 1:40 PM
To: gnupg-users at gnupg.org
Subject: Re: Multiple Subkeys/UIDs


On Mon, Mar 21, 2005 at 01:28:30PM -0600, Grimes, Dean wrote:

> Is this possible to do with GnuPG? It wise to do something like this? Is
> there anyone else besides me who has this situation or one similar? If so,
> how did you/they solve the problem? Any help would be greatly appreciated.

There seem to be a few ways to accomplish what you want to do here.
Can I get a little more information before I comment?  You mention
that all data enters the central location encrypted, but is then
decrypted ("for processing") and then re-encrypted.  Do I understand
that correctly?

Also: once a file is archived, is it still writable?  That is, is it
permissible to go back and edit this file to remove a particular key
from it?

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users