Splitting a GPG private key
Alfredo Palhares
masterkorp at masterkorp.net
Tue Apr 7 15:14:09 CEST 2015
Hello Daniel,
> Do you want to require multiple people to come together to use that
> secret key? or do you want them each to have the ability to use the key
> independently from each other?
The objective is to require multiple people to use that secret key. Yes.
> The answer about what to do would depend on how you want the key to be
> used.
Basically this key would be a part of the encryption group of all the other
credentials. And to be the only key to encrypt extremely sensitive data.
> It's not clear to me that we have a functional workflow to support the
> first scenario (where multiple people must come together to use the
> secret key) without a lot of overhead for the users.
> My understanding is that the Tails community does something like this,
> but they are a highly-technical group who are willing to custom-build
> their own tools and to endure quite a bit of tedious and inconvenient
> process to protect the safety of their users.
Do they have this documented somewhere?
> Consider that anyone who ever has access to the raw secret material of
> the shared key can effectively make a copy of it and then use it
> elsewhere in the future.
Yes, the key joining is a whole process on an offline machine with the presence
of all elements.
> If you can define your desired use cases more clearly, maybe someone on
> this list can propose an effective workflow for you.
I am open to any suggestions.
Thank you for your input!
--
Alfredo Palhares
GPG/PGP Key Fingerprint
68FC B06A 6C22 8B9B F110
38D6 E8F7 4D1F 0763 CAAD