best practice for handing over the private key
ndk.clanbo at gmail.com
Fri Aug 2 21:06:40 CEST 2013
Il 02/08/2013 14:25, Martin T ha scritto:
> I'm afraid this doesn't work because at the beginning I need to have
> both the private and public key in order to carry out operations in
> RIPE database. I don't see a difference if he generates the key pair,
> uploads the ASCII armored public key to RIPE public database and then
> has to send the private key and password protecting the private key to
Maybe (I don't know how RIPE database is handled) another, cleaner,
solution is possible.
Initially you "do your work" using your key (or a newly generated key).
When you're done, you replace your public key in RIPE db w/ client's one.
No secret keys need to travel and it's always clear who-did-what.
More information about the Gnupg-users