best practice for handing over the private key
NdK
ndk.clanbo at gmail.com
Fri Aug 2 21:06:40 CEST 2013
Il 02/08/2013 14:25, Martin T ha scritto:
> I'm afraid this doesn't work because at the beginning I need to have
> both the private and public key in order to carry out operations in
> RIPE database. I don't see a difference if he generates the key pair,
> uploads the ASCII armored public key to RIPE public database and then
> has to send the private key and password protecting the private key to
> me.
Maybe (I don't know how RIPE database is handled) another, cleaner,
solution is possible.
Initially you "do your work" using your key (or a newly generated key).
When you're done, you replace your public key in RIPE db w/ client's one.
No secret keys need to travel and it's always clear who-did-what.
BYtE,
Diego.
More information about the Gnupg-users
mailing list