best practice for handing over the private key
m4rtntns at gmail.com
Fri Aug 2 14:25:46 CEST 2013
I'm afraid this doesn't work because at the beginning I need to have
both the private and public key in order to carry out operations in
RIPE database. I don't see a difference if he generates the key pair,
uploads the ASCII armored public key to RIPE public database and then
has to send the private key and password protecting the private key to
2013/8/2, NdK <ndk.clanbo at gmail.com>:
> Il 02/08/2013 12:51, Martin T ha scritto:
>> shipping the USB memory stick. Better ideas?
> It's a wrong thing from the start.
> Let the user generate his key pair. Get his pubkey in a secure way
> (maybe for you it's enough if he sends you a snail mail hand-signed w/
> the key hash) and send it to RIPE (maybe signed by your key).
> If you have the secret key at any point in time, it's always doubtful
> who signed something.
More information about the Gnupg-users