brian at nixthis.com
Fri Aug 18 22:09:43 CEST 2006
We have decided to decrypt using a "special" user and re-encrypt the
file to multiple users. Our concern is that unless we want to do this
manually it has to be scripted and that will require the "special"
user's passphrase to live in the script or on a server in plaintext. No
one in IS wants to add this to their daily responsibilities and we
really should not have access to the data anyway as it is meant for our
David Shaw wrote:
>On Fri, Aug 18, 2006 at 02:34:57PM -0500, Brian Rosenvinge wrote:
>>A vendor will be encrypting files for us and making them available via
>>FTP. We have three users that will decrypt the files at different
>>times. The vendor will not accept more than one key from us and we
>>wanted each of our users to have their own key for security and auditing
>>purposes down the line.
>OpenPGP doesn't work that way. You can either give the single key to
>each user, or have one "special" user decrypt the message and
>then re-encrypt it to multiple users.
>Gnupg-users mailing list
>Gnupg-users at gnupg.org
More information about the Gnupg-users