Distributed symmetric key management
Jerome Baum
jerome at jeromebaum.com
Sat Jun 18 10:48:32 CEST 2011
> Each directory has a key attached to it. My main machine, which pushes
> all changes, has 'access' to all keys. My other machines just 'have' a
> subset of all keys. I do not think asymmetric encryption makes much
> sense here. Rather than that, I'd use symmetric encryption using keys
> generated with 'gpg2 --gen-random 2'.
Why does asymmetric encryption not make sense? You could picture an
asymmetric key-pair as a single symmetric key. In fact, for all
practical purposes, if you never separate the private and public
components, an asymmetric key-pair *is* a symmetric key. The only
difference is: gpg has built-in functionality to handle asymmetric
key-pairs.
--
Jerome Baum
tel +49-1578-8434336
email jerome at jeromebaum.com
web www.jeromebaum.com
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
More information about the Gnupg-users
mailing list