basic identity mgmt
Doug Barton
dougb at dougbarton.email
Fri Jan 15 22:02:19 CET 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 01/15/2016 12:21 PM, Andrew Gallagher wrote:
| On 15/01/16 19:33, Doug Barton wrote:
|> This is a good example of why that method of working with your
|> keys is pointlessly complicated. :)
|
| It's complicated, but not necessarily _pointlessly_ so. Depending
| on circumstances it could be considered minimally prudent. I've
| worked on several projects for more than one financial institution,
| and airgaps like this are considered barely sufficient for some
| important keys. (Of course in such projects the idea of a
| certification subkey not on the airgapped machine would be
| completely unacceptable...)
That's interesting, and you have made me curious ... what's the threat
model? And what is that key certifying?
Doug
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJWmV5bAAoJEFzGhvEaGryE0DUH/ikPiqoloNaGaKLbhffEdbOy
Vwu/AmBIzqAgG9PRrOMQs0YVu0m+i5LaQiJ+ofiL/6ohWQWk2T5jny4mL+n2I/BP
Mposz7GYQcTHM0+4Dn7CTuEkGow0afOCqFte1FTibGb8amDquExn9EpfvBJeTde3
+Tfkh8HJFgWj/Kc1dxz4QR9bt7M5Z++XdstjOBE4vkJHsnbb8RsPMO6ammS5Vncf
EHJpmwNjz67p5dWyi2DsHA5q7epW02tpqqwQCpRbZzf2Qd/t6k9glGuk3kZMkI6T
x57YyOCO4J8skDQbffmqk0u7vb5Ogt4CdcyM8NKRZVo+DRV/pojt3tDuwXiX//E=
=Y3Xu
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list