Multiple email addresses - any alternative to ask everyone to sign all my keys?
Christopher J. Walters
cwal989 at comcast.net
Wed Jul 24 00:24:02 CEST 2013
On 7/23/2013 3:55 PM, Philipp Klaus Krause wrote:
> Am 23.07.2013 21:04, schrieb Heinz Diehl:
>> On 23.07.2013, Philipp Klaus Krause wrote:
>>
>>> Of course it is annoying to have to ask everyone to sign three keys -
>>> after all they are all my keys, and the people I ask to sign my key all
>>> get to see the same passport. Is there a better alternative?
>>
>> Create/use one key, and add all the different addresses.
>>
>>> I do not consider my university computer safe enough to trust it with
>>> the private key for my private mail.
>>
>> In this case, why should anybody else trust in the integrity of your
>> identity? If you don't trust this machine, revoke the key and don't do
>> anything confidential on/with it.
>>
>>
>
> That's not a practical solution. I want to be able to read encrypted
> mail sent to my university addresses on that machine.
>
> Philipp
While it is generally considered good policy to use any cryptographic software
on a computer you do not trust, given your reason for wanting to use GnuPG on
the untrusted university computer, I have a suggestion.
Make a Live GnuPG USB thumb drive - make sure that you set the default path to
be the USB drive, and not the HDD of the university computer. Thus all of your
keys would be on the USB drive and none on the untrusted computer. If your
private keys are already on the untrusted computer, then I can only suggest
revoking them and creating new ones on a trusted computer - with the keyrings
stored on the Live GnuPG USB drive.
Regards,
Chris
More information about the Gnupg-users
mailing list