[Feature Request] Multiple level subkey

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun Sep 10 16:36:58 CEST 2017


On Sat 2017-09-09 00:50:56 +0200, lesto fante wrote:

> Maybe this is not the right place to discuss about this, please be
> kind with a noob.

this is the right place, welcome!

> My user case is simple; maintain my identity even if my master key is
> compromised. Tho achieve that, I think about a multilevel subkey
> system.

I'm not sure how the proposed multi-level system is an improvement over
an offline primary key.  It's certainly more complicated, but complexity
is a bug, not a feature.  can you explain why you think it's better?

with an offline primary key, you only put subkeys on any device that's
used regularly.

That said, even offline primary keys aren't super easy-to-use at the
moment, more work could be done to streamline that use case.

> ps. is anyone aware of some kind P2P system to share keys?

are you asking about secret key sharing (between devices controlled by
the same person) or public key distribution?

    --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: </pipermail/attachments/20170910/3e688f6c/attachment.sig>


More information about the Gnupg-users mailing list