Multiple email addresses - any alternative to ask everyone to sign all my keys?
expires2013 at ymail.com
Thu Jul 25 15:43:07 CEST 2013
-----BEGIN PGP SIGNED MESSAGE-----
On Wednesday 24 July 2013 at 10:33:18 AM, in
<mid:51EF9F5E.7030502 at spth.de>, Philipp Klaus Krause wrote:
> I just want multiple security levels: Decrypt mail
> addressed to the university address, but not mail
> addressed to my private address on the university
> computer. Decrypt both types of mail on my private
If the University allows this, it suggests a hole in their data
security policies. Assuming they are up to scratch with their own
firewall, anti-virus, security updates, etc. they have no control over
such things on the private computers of their staff. It sounds like
what you actually need is, for example, a University laptop to access
your University email when away from your office.
> After all the security I want works when
> using two separate keypairs (but that has the
> disadvantage of other people having to sign multiple
Nobody *has to* sign *any* key unless they want to.
In the case of your University key, why does it need signatures from
anybody other than the University's own IT or security departments?
And does the University set an additional decryption key (so that
communications can be answered in the event of a staff member being
unexpectedly unavailable) and a designated revoker (for use as soon as
a staff member leaves)?
MFPA mailto:expires2013 at ymail.com
The secret to creativity is knowing how to hide your sources.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users