Multiple email addresses - any alternative to ask everyone to sign all my keys?

Robert J. Hansen rjh at sixdemonbag.org
Thu Jul 25 00:06:50 CEST 2013


(My original reply went just to Philipp.  My apologies.)



On 7/24/2013 1:53 AM, Philipp Klaus Krause wrote:
> Maybe having a look at the following scenario will help:

Unfortunately, this is not casting very much light on things.  Phrases
like CONFIDENTIAL, SECRET and TOP SECRET have very specific meanings in
NATO countries, and you're using them here in ways that are at odds
with their NATO meanings.

Let me try this rephrasing:

You have three machines: Fry, Leela and Bender.  Fry is your smartphone,
Leela is your desktop and Bender is your "secure" desktop.  Email to
you at fry.yourdomain goes to ... what, all three of them?  Email to
you at leela.yourdomain goes to Leela and Bender, and you at bender.yourdomain
goes only to Bender.

Further, each piece of traffic can receive any of three classifications:
C, S or TS.  You can send C traffic to Bender: the necessary keys to
decrypt it are held there.  However, although you can technically send
TS traffic to Fry, Fry can't decrypt it: the keys aren't there.

If I have this right, then you've walked straight into the Bell-LaPadula
security model.  You'll be well-served by reading up on it: a good
academic reference will answer many of your questions.

The short answer is, "OpenPGP by itself will not be sufficient for your
purposes.  It might be able to provide a couple of tools, but what you
want to achieve is far beyond the scope of OpenPGP."
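
[Added example, not part of the original post or of GnuPG.] The two Bell-LaPadula rules applied to the Fry/Leela/Bender scenario above. The clearance mapping (Fry=C, Leela=S, Bender=TS) and the names `Session` and `readers` are assumptions made for this sketch; the post only says that Fry lacks the TS keys and Bender holds the C keys.

```python
from enum import IntEnum


class Level(IntEnum):
    C = 1   # CONFIDENTIAL
    S = 2   # SECRET
    TS = 3  # TOP SECRET


# Assumed clearances; not stated in this form in the post.
CLEARANCE = {"fry": Level.C, "leela": Level.S, "bender": Level.TS}


class Session:
    """One machine's mail session under Bell-LaPadula with a high-water mark."""

    def __init__(self, machine):
        self.machine = machine
        self.clearance = CLEARANCE[machine]
        self.current = Level.C  # rises to the highest label read so far

    def read(self, label):
        # Simple security property: no read up.
        if label > self.clearance:
            return False
        self.current = max(self.current, label)
        return True

    def write(self, label):
        # *-property: no write down below anything this session has read.
        return label >= self.current


def readers(label):
    """Machines allowed to read traffic carrying this label."""
    return sorted(m for m in CLEARANCE if Session(m).read(label))


if __name__ == "__main__":
    for label in Level:
        print(label.name, "readable on", readers(label))
    bender = Session("bender")
    bender.read(Level.TS)
    print("bender may now send C:", bender.write(Level.C))
    print("bender may now send TS:", bender.write(Level.TS))
```

Keeping decryption keys off a machine corresponds only to the `read` rule. The `write` rule has no counterpart in key placement, since a machine that has read TS traffic can still encrypt to a public key whose private half lives on Fry.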



