GPG, subkeys smartcard and computer
Stefano Tranquillini
stefano.tranquillini at gmail.com
Thu Feb 16 16:04:51 CET 2017
Hi all,
I'm sort of new to GPG/PGP, I'm not new to the encryption/crypto world and
to computers, however, some concepts are yet not clear to me.
I can't get my head around on how to use GPG in the "correct" way to
guarantee the maximum result. That is: protect, at the best, my privacy and
also don't get the system too complicated.
The problems that I've are multiple, I'll try to summarize them here asking
for help. I've read the manual, but it's a bit outdated, and online I found
scattered information that does not always explain why some decision are
made.
My ideal setup is:
- Master generated on offline pc and stored in a cold storage
- subkeys for the pc (main pc, that I use everyday) - i need
(A)utenticate (E)encrypt (S)ign keys
- subkeys for the smartcard - if I use a pc of someone else, and as
backup for what is worth. (In the future I may switch to just the
smartcard, removing the keys from pc, but I would like to have the keys on
the pc for time being)
- I would like to avoid moving the master ouside the offline pc/cold
storage
Create the master:
I should create the master on a device that is not my primary one and that
is not online. It seems kind of freak approach to me, but I can understand
why. Once created, I backup it to a file which I store on a usb key or
somewhere outside of computers. With the master I can create, later,
subkeys for what I need and the revoke certificate in case of compromised
subkeys. Other than the master key, do I've to export anything else (not
talking of subkeys yet, that's next topic)?
When creating the master, I've two possibility: (i) use the dafault setting
that results in a (SC) key or (ii) set it as only (C). The best solution
seems to be the second, right? (
http://security.stackexchange.com/questions/32386/why-do-pgp-master-keys-only-have-a-single-subkey-and-tie-certification-with-sig).
Is it worth to use that approach or, as of today, the (i) is fine? I still
don't get the full benefit of one or the other solution
Create the subkey
With the master key I can create subkeys. I should do it from the offline
pc in which I created the key, or import the master in a pc and then create
the subkeys (it doesn't sound so safe though). Now:
- should each subkey be for only one scope (A) (S) (E) or is it fine if
one key does two or three scopes (ASE) or (SE)?
- once subkeys are creted I've to export them and also their revoke
certifications (do they have one)? correct?
- I've a smartcard, but I've also a pc, should I create 6 subkeys, 2
for A, 2 for S and 2 for E and move the 3 A S E to the yubikey and the
other 3 to the pc?.
- moving the keys on the smartcard is done via "keytocard" but to
move the keys on the pc I've to export subkeys, will this export also the
keys on the smartcard and then I'll need the smartcard to access some of
those? how can I decide what to import where?
- Do I've to rexport my public key or anything else to let the world
know my subkeys?
- Do I've to export anything else to achieve my scenario's goal?
Am I missing anything? Or is there anything that can guide me to achieving
my goals?
PS: Sorry for the long questions, but I can't find online something that
explains my scenario. Solutions are for base cases or for smart-card only.
Well, probably there's a guide, but I can't find it out.
--
Stefano
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20170216/976beed9/attachment-0001.html>
More information about the Gnupg-users
mailing list