one key/pair for multiple email accounts

eMyListsDDg emylistsddg at gmail.com
Tue Jul 8 21:48:30 CEST 2014


@Kristian
@TheFuzzyWhirlpoolThunderstorm
@Micha

appreciate all the replies. all good insights. i've got a better picture in my head of how to manage my keys now. 



> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512

> On 07/08/2014 11:15 AM, The Fuzzy Whirlpool Thunderstorm wrote:
>> On Tue, Jul 08, 2014 at 10:54:18AM +0200, Kristian Fiskerstrand
>> wrote:
>>> Wouldn't necessarily be to _hide_ anything either. I tend to use
>>> it as a role-based approach, e.g. I have an own key for my work
>>> address (that is barely used at all, but it _is_ available). The
>>> primary reason for this is that I have that key located on the
>>> company computer which is under the control of the IT department,
>>> not me, so wouldn't want to use my own personal keys for that.
>> There is no limitation of how many keys can be associated with a
>> single mail address. You may generate one key for each computer you
>> are using and tell your contacts to encrypt the messages with a
>> specified key.

> If you are talking about subkeys here, that works nicely for signing
> keys, not so much for multiple encryption subkeys.


>> For example, on a private subject - you may use the key stored on
>> your private computer, so that the sender will ensure that you read
>> the encrypted message on your private pc not on your public
>> system.

>> If privacy isn't absolutely needed, you may use the key stored on
>> your public system managed by another administrator. Your key is
>> safe, as long as you protect it with an uncrackable passphrase. The
>> system administrator may gain access to your private key file, but 
>> not to your private key usage right.


> What is to stop them from installing a keylogger if they wanted to?

>> One last thing to remember: if you don't trust the system, don't
>> store any private key on it. That's a bit paranoid, but it's better
>> to be safe than to trust and regret later.

> Thats not paranoid, that is good security management.





-- 
Bill
Key fingerprint = DB4D 251B FE8A BDCD 2BE4  E889 13F1 78D0 A386 B32B




More information about the Gnupg-users mailing list