Multiple recipients

Janusz A. Urbanowicz alex at
Mon Aug 21 12:17:41 CEST 2006

On Fri, Aug 18, 2006 at 03:09:43PM -0500, Brian Rosenvinge wrote:
> We have decided to decrypt using a "special" user and re-encrypt the 
> file to multiple users.  Our concern is that unless we want to do this 
> manually it has to be scripted and that will require the "special" 
> user's passphrase to live in the script or on a server in plaintext.  No 
> one in IS wants to add this to their daily responsibilities and we 
> really should not have access to the data anyway as it is meant for our 
> finance department.

put the special key on a smartcard with no passphrase, only the
physical avaliability of the sc will descrypt the data, and the key
will be unstealable electronically


More information about the Gnupg-users mailing list