one key/pair for multiple email accounts

[Kristian Fiskerstrand]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 07/08/2014 11:15 AM, The Fuzzy Whirlpool Thunderstorm wrote:
> On Tue, Jul 08, 2014 at 10:54:18AM +0200, Kristian Fiskerstrand
> wrote:
>> Wouldn't necessarily be to _hide_ anything either. I tend to use
>> it as a role-based approach, e.g. I have an own key for my work
>> address (that is barely used at all, but it _is_ available). The
>> primary reason for this is that I have that key located on the
>> company computer which is under the control of the IT department,
>> not me, so wouldn't want to use my own personal keys for that.
> There is no limitation of how many keys can be associated with a
> single mail address. You may generate one key for each computer you
> are using and tell your contacts to encrypt the messages with a
> specified key.

If you are talking about subkeys here, that works nicely for signing
keys, not so much for multiple encryption subkeys.

> 
> For example, on a private subject - you may use the key stored on
> your private computer, so that the sender will ensure that you read
> the encrypted message on your private pc not on your public
> system.
> 
> If privacy isn't absolutely needed, you may use the key stored on
> your public system managed by another administrator. Your key is
> safe, as long as you protect it with an uncrackable passphrase. The
> system administrator may gain access to your private key file, but 
> not to your private key usage right.
> 

What is to stop them from installing a keylogger if they wanted to?

> One last thing to remember: if you don't trust the system, don't
> store any private key on it. That's a bit paranoid, but it's better
> to be safe than to trust and regret later.

Thats not paranoid, that is good security management.


- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Audaces fortuna iuvat
Fortune favors the brave
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJTu7dNAAoJEPw7F94F4TagePIP/14KSkfCJZu+H3aKb7Tz75Sa
n9JmzlEfPmj8vxOdtCujUYfvDrqep3pSJySTQe/UL1eaFftX5fLALt5wYrFL3td8
VmakW3rOyV6vSw2KiYQgALUWIzaNl6Zakh3Pr4n7Eqid2JujIZj3FB1upWUYljRp
eoSPfnYrYYBo4CjohQzljnKB1256Gcrbv/CdBVn5hby8D9OwkTKH3ggByxwnKtfM
bt+cqtxxJPSoXlMl9F7ikOMPfis1zQmc4MSD31xzvjYKT+sl8FR9NI9LAMwxv5DU
+hoOVCUzQOkXg3aN+c07pn26fzQ2Dryg8t21mLzpV+g1W9txFOuqhM4/qrISNtD6
reortHhHFhz7C9BI0WVBc5XRNbn097byfOKmOGOxcXrInP8lgVKOOFMeHT59P61E
H7+/MmKOm2KMs8bgBzlHdtTlp9fzFZpwEYZutKxhjuQWAQ9nFnucxiABpEoqJL1c
0KLWUTBrVJO+OBkztTyuhu684xPlYXrY3F26aSKkukzSdDu+T1OvXPptI9k94/cO
4LyUOahzAK6TOOCLkNMuQVCCq+xqxUHnXCY8n4WuC4MC0RxbComZqqJguBmmVYV0
SSAzq+nrDjWxFkhAUjJ7XV+RRaZbbKB10LLCvR5JPzNYyGsVn4QtnrBJ81AHq9W6
GskUifIhMgOCn/ymIRGp
=AAy0
-----END PGP SIGNATURE-----