[Feature Request] Multiple level subkey

Damien Goutte-Gattat dgouttegattat at incenp.org
Sun Sep 10 21:50:03 CEST 2017


On 09/10/2017 09:17 PM, lesto fante wrote:
>> If your level-3 key is compromised, you revoke it, generate a new one and sign it with the level-2 key. The new level-3 key will be automatically valid for your correspondents.
> 
> What if I lose the level-2 key too? Imagine level-2 and level-3 key
> are both on my phone, with NO other copy of the level-2 and level-3
> private key.
> Can I revoke all of them?

You revoke the level-2 key, that will be enough to invalidate the 
signature on the level-3 key.


> If my device is in the hands of a bad person, will he be able to
> compromise my level-1 key?

Assuming the level-1 key is not on that device, then no.


> Also, I understand the key-level truthiness, but here I want to
> AUTOMATE, make this thing EASIER to use than a common password
> approach.

I merely pointed out what is already feasible with the current state of 
the OpenPGP specification and the GnuPG implementation.


> This approach MUST be "housewife proof"; her son/trusted person will set
> up the sign key for her and then just tell her to keep the smartcard
> in a safe place. Then to choose a safe password for the SIGN key. That
> is the only password our housewife needs, unless she loses or gets
> a compromised phone; at this point, she will call the trusted person
> that will take care of revoking, and then issuing a new SIGN key on her new
> phone. No need to go and reset ALL of her accounts and such; all the
> keys she had have been already replaced :)

I do not really care for this "user is an idiot, we cannot trust him/her 
to do the right thing so we should do it for him/her" approach.

Damien
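
The revocation behaviour discussed in this message, as an added illustration that is not part of the original post and is not GnuPG code: a simplified Python model in which a key is valid only if every certification on the path up to the level-1 key is unrevoked. The class, the key names and the validity rule are assumptions made for the example; this is not GnuPG's actual trust computation.

```python
# Added illustration: simplified model of the three-level chain discussed in
# this thread. Key names are hypothetical; this is not GnuPG's trust logic.
from dataclasses import dataclass, field


@dataclass
class KeyRing:
    root: str                                   # level-1 key, trusted directly
    certs: dict = field(default_factory=dict)   # subject key -> certifying key
    revoked: set = field(default_factory=set)

    def certify(self, signer: str, subject: str) -> None:
        self.certs[subject] = signer

    def revoke(self, key: str) -> None:
        self.revoked.add(key)

    def is_valid(self, key: str) -> bool:
        """Valid only if no key on the path up to the root is revoked."""
        seen = set()
        while key not in seen:
            if key in self.revoked:
                return False
            if key == self.root:
                return True
            seen.add(key)
            key = self.certs.get(key)
            if key is None:          # uncertified key: no path to the root
                return False
        return False                 # certification loop never reaches the root


def phone_lost_scenario() -> dict:
    ring = KeyRing(root="L1-offline")            # level-1 is not on the phone
    ring.certify("L1-offline", "L2-phone")
    ring.certify("L2-phone", "L3-phone")
    result = {"l3_before": ring.is_valid("L3-phone")}
    ring.revoke("L2-phone")                      # revoking level-2 is enough
    result["l3_after_l2_revoked"] = ring.is_valid("L3-phone")
    result["l1_still_valid"] = ring.is_valid("L1-offline")
    ring.certify("L1-offline", "L2-new")         # re-issue from level-1
    ring.certify("L2-new", "L3-new")
    result["l3_new"] = ring.is_valid("L3-new")
    return result


if __name__ == "__main__":
    print(phone_lost_scenario())
```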
