basic identity mgmt

Doug Barton dougb at dougbarton.email
Fri Jan 15 22:02:19 CET 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 01/15/2016 12:21 PM, Andrew Gallagher wrote:
| On 15/01/16 19:33, Doug Barton wrote:

|> This is a good example of why that method of working with your
|> keys is pointlessly complicated. :)
|
| It's complicated, but not necessarily _pointlessly_ so. Depending
| on circumstances it could be considered minimally prudent. I've
| worked on several projects for more than one financial institution,
| and airgaps like this are considered barely sufficient for some
| important keys. (Of course in such projects the idea of a
| certification subkey not on the airgapped machine would be
| completely unacceptable...)

That's interesting, and you have made me curious ... what's the threat
model? And what is that key certifying?

Doug

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJWmV5bAAoJEFzGhvEaGryE0DUH/ikPiqoloNaGaKLbhffEdbOy
Vwu/AmBIzqAgG9PRrOMQs0YVu0m+i5LaQiJ+ofiL/6ohWQWk2T5jny4mL+n2I/BP
Mposz7GYQcTHM0+4Dn7CTuEkGow0afOCqFte1FTibGb8amDquExn9EpfvBJeTde3
+Tfkh8HJFgWj/Kc1dxz4QR9bt7M5Z++XdstjOBE4vkJHsnbb8RsPMO6ammS5Vncf
EHJpmwNjz67p5dWyi2DsHA5q7epW02tpqqwQCpRbZzf2Qd/t6k9glGuk3kZMkI6T
x57YyOCO4J8skDQbffmqk0u7vb5Ogt4CdcyM8NKRZVo+DRV/pojt3tDuwXiX//E=
=Y3Xu
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list