I am currently planning how I set up my keys and I ran into the problem that I have to read work-related mail on a theoretically unsecure machine at my workplace. This means I don't want to use or even install my keys on this machine. This led me to the idea of having two keys: one for work and one for private stuff, i.e. more paranoid.

I first thought about using one master key for this with multiple subkeys (which I'd also use without this particular problem), of which I install the private one only at home and the other one both at home and at work. However, apparently it is not possible to assign UIDs to subkeys, but only to the master key, with no possibility to indicate which subkey to use for which email.

The only possibility I see currently is having two master keys, which requires me to build a WoT for both keys and even rebuild it from scratch when I get a job somewhere else.
While this is the preferred way for completely disjunct identities (e.g. job and political activities), it is an unnecessary bulk of additional work in my case.

Another way would be to have one ultra-master-key (TM) with only my name, which I use to sign the master keys for different emails. But as far as I have read about gpg, this is somehow bad because I will be the only one signing the keys that are actually used as master keys.

So my question is: Is there some mechanism that allows me to have the features mentioned above, or do I really have to build multiple separate WoTs?

