Advice on key set-up for work at employer

taltman taltman at gmail.com
Thu Aug 4 02:37:00 CEST 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I would like people's advice on the optimal set-up for the following
scenario:

I would like to use GPG encryption at my work, both for encrypting files
and for protecting email correspondence. The trick is that I can imagine
that at some point far in the future, if I need to leave my work for
whatever reason, they'd want access to those files.

The threat model here is, as an employee, I want to protect the
corporate data as best as I can, but I trust my employers to have access
to their own data. In other words, I'm not trying to hide anything from
my employer. I also anticipate that while unlikely that they'd be
interested in getting access to this data, I still need to provide a
mechanism for them to retain access. I'm assuming that this will involve
giving them access to the keyring files, and the password to the keyring.

Assuming that I couldn't just re-encrypt everything to a different key
at that far-flung date, and that I wouldn't want to forfeit my private
key and password to my personal GPG keyring, I think that the following
set up would be optimal:

1. Create a new GPG keyring specific for my identity with my employer
2. Cross-sign my existing personal GPG key with the employer-specific
GPG key
3. Do proper key hygiene things (backups, revocation certs, etc.) on
employer-specific key

It seems with this set-up I can simply just turn over the password to
the private key of the employer-specific GPG keyring if I'm ever
obligated to give them access to their files. This keeps a nice clean
separation between their property, and my personal GPG keyring. When it
comes time to end my time at the employer, I can revoke the
employer-specific key. If I am no longer able to use the
employer-specific GPG keyring, I can at least revoke my signature of the
employer-specific keyring if my former employer gains the password to
the keyring.

As far as I can tell, just creating a separate employer-specific set of
signing/encrypting/authenticating sub-keys wouldn't be sufficient, but
I'm open to someone showing me that I'm mistaken.

I'd be interested in hearing people's thoughts on this scenario. Thanks
in advance!

Best regards,

~Tomer Altman

-- 
---

Encrypted email preferred.
GPG Public Key: https://bit.ly/1S5qWZJ
Key fingerprint = DFE8 7D60 D452 9C4F 5D1F  7515 F55F BB30 1719 7991
-----BEGIN PGP SIGNATURE-----
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=MOFm
-----END PGP SIGNATURE-----
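The three-step set-up in the message above, carried through as an added example (it is not part of the original post, nor of GnuPG's own documentation). It assumes GnuPG 2.1 or later, which supports `--quick-generate-key`, `--quick-sign-key`, loopback pinentry and the automatic revocation certificate under `openpgp-revocs.d/`. Every user id, passphrase, directory and the "corporate record" are constructed placeholders; a real personal key would already exist rather than being generated here. The script keeps the employer-specific key in its own `--homedir`, so the thing that can later be handed over is exactly that directory plus its passphrase, nothing from the personal keyring.

```shell
#!/bin/sh
# Added example: employer-specific GnuPG keyring in its own homedir, cross-signed
# with the personal key, hygiene (backup + revocation certificate), a hand-over
# check and, finally, revocation of the work key. Needs GnuPG 2.1+.
# All identities, passphrases and data are constructed placeholders.
set -eu
command -v gpg >/dev/null 2>&1 || { echo "gpg not found, skipping demo" >&2; exit 0; }

PERSONAL_HOME=$(mktemp -d)   # stands in for the personal keyring (constructed)
WORK_HOME=$(mktemp -d)       # the employer-specific keyring: this directory plus
                             # WORK_PASS is all that would ever be handed over
PERSONAL_PASS='personal-passphrase-constructed'
WORK_PASS='work-passphrase-constructed'
chmod 700 "$PERSONAL_HOME" "$WORK_HOME"
trap 'gpgconf --homedir "$PERSONAL_HOME" --kill gpg-agent 2>/dev/null || true
      gpgconf --homedir "$WORK_HOME" --kill gpg-agent 2>/dev/null || true' EXIT

# Non-interactive gpg pinned to one keyring: $1 = homedir, $2 = its passphrase.
g() { home=$1 pass=$2; shift 2
      gpg --homedir "$home" --batch --no-tty --yes --pinentry-mode loopback \
          --passphrase "$pass" "$@"; }

# Fingerprint of the first primary key in keyring $1.
fpr_of() { gpg --homedir "$1" --batch --with-colons --list-keys |
           awk -F: '$1=="fpr" {print $10; exit}'; }

# Validity flag gpg reports for key $2 in keyring $1: u = own key, r = revoked.
key_validity() { gpg --homedir "$1" --batch --with-colons --list-keys "$2" |
                 awk -F: '$1=="pub" {print $2; exit}'; }

# Succeeds if key $2 in keyring $1 carries a certification made by key $3.
signed_by() { keyid=$(printf '%s' "$3" | tail -c 16)
              gpg --homedir "$1" --batch --with-colons --list-sigs "$2" |
              awk -F: -v k="$keyid" '$1=="sig" && $5==k {f=1} END {exit f?0:1}'; }

# Step 1: two keyrings, one key each (primary cert/sign key + encryption subkey).
g "$PERSONAL_HOME" "$PERSONAL_PASS" --quick-generate-key \
    "Tomer (personal, constructed) <personal@example.invalid>" default default 2y
g "$WORK_HOME" "$WORK_PASS" --quick-generate-key \
    "Tomer (work, constructed) <tomer@employer.example.invalid>" default default 1y
PERSONAL_FPR=$(fpr_of "$PERSONAL_HOME")
WORK_FPR=$(fpr_of "$WORK_HOME")

# Step 2: cross-sign. $1/$2 = certifying keyring and its passphrase,
# $3 = fingerprint of the key being certified, $4 = that key's own keyring.
cross_sign() {
    gpg --homedir "$4" --batch --export "$3" | gpg --homedir "$1" --batch --import
    g "$1" "$2" --quick-sign-key "$3"
    gpg --homedir "$1" --batch --export "$3" | gpg --homedir "$4" --batch --import
}
cross_sign "$PERSONAL_HOME" "$PERSONAL_PASS" "$WORK_FPR" "$WORK_HOME"
cross_sign "$WORK_HOME" "$WORK_PASS" "$PERSONAL_FPR" "$PERSONAL_HOME"

# Step 3: hygiene. GnuPG 2.1+ wrote a revocation certificate at key creation;
# keep it, and keep an armored backup of the work secret key beside it.
REVOKE_CERT="$WORK_HOME/openpgp-revocs.d/$WORK_FPR.rev"
[ -s "$REVOKE_CERT" ] || { echo "no revocation certificate found" >&2; exit 1; }
g "$WORK_HOME" "$WORK_PASS" --armor --export-secret-keys "$WORK_FPR" \
    > "$WORK_HOME/backup-secret-key.asc"

# Hand-over check: the work keyring plus its passphrase alone decrypts the data.
SAMPLE='constructed corporate record'
ROUNDTRIP=$(printf '%s' "$SAMPLE" |
    gpg --homedir "$WORK_HOME" --batch --encrypt --recipient "$WORK_FPR" |
    g "$WORK_HOME" "$WORK_PASS" --decrypt 2>/dev/null)

# Leaving the employer: import the stored revocation certificate (its first dashed
# line carries a leading colon to prevent accidental use; strip it) and push the
# revoked copy into the personal keyring so it is marked there as well.
sed 's/^://' "$REVOKE_CERT" | gpg --homedir "$WORK_HOME" --batch --import
gpg --homedir "$WORK_HOME" --batch --export "$WORK_FPR" |
    gpg --homedir "$PERSONAL_HOME" --batch --import

echo "personal key $PERSONAL_FPR in $PERSONAL_HOME"
echo "work key     $WORK_FPR in $WORK_HOME"
echo "work key validity after revocation: $(key_validity "$WORK_HOME" "$WORK_FPR")"
echo "round trip: $ROUNDTRIP"
```

The cross-signature only certifies that the two identities belong to the same person; it does not let either keyring decrypt the other's mail, which is why handing over `WORK_HOME` and `WORK_PASS` exposes nothing personal. Revoking the personal certification on the work key if it is ever misused is done with `revsig` in `--edit-key`, which is interactive and so is not scripted here.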



More information about the Gnupg-users mailing list