Unattended signing

Daniele Nicolodi daniele at grinta.net
Sat Feb 21 17:42:40 CET 2015


On 18/02/15 19:46, Daniele Nicolodi wrote:
> I have an automated process that collects some data and unattended sends
> it via email. I want that data to be encrypted and signed. The
> encryption part is easy as it requires only public keys of the
> recipients. Signing, however, requires to make the private key used
> available to the process.
> 
> I have a sufficient trust in the security of the server where the
> automated process runs, but I would like to reduce to a minimum the risks.
> 
> What is the best practices in such cases?  I can imagine several
> possible options: using a subkey of my key (is it possible to remove
> passphrase protection from a subkey?), using a dedicated key, using a
> subkey of a dedicated key and periodically rotate such subkey.

Hello,

I haven't received any comment on this. Is ti because the question is
too dummy, I'm being too naive, or the context is not explained with
sufficient detail?

Thanks for your attention :)

Cheers,
Daniele





More information about the Gnupg-users mailing list