[Feature Request] Multiple level subkey
Damien Goutte-Gattat
dgouttegattat at incenp.org
Mon Sep 11 00:01:24 CEST 2017
On 09/10/2017 11:32 PM, lesto fante wrote:
> just to be sure I don't misunderstand, the level 2 key cannot revoke
> the level 1 key, right?
No it cannot.
And to be more precise, in the situation where the level-2 key is
compromised, you actually do not revoke the level-2 key itself (using
the corresponding level-2 private key), you revoke the trust signature
on the level-2 key (using the level-1 private key). The level-2 will
then cease to be valid in the eyes of your correspondents.
> My goal is to bring good privacy at the housewife, while making the
> process even more easier (as it will be as easy as using a wallet).
So you want to bring privacy to the housewife while at the same time
make her rely on someone else (the "son/trust person" you mentioned) to
manage her privacy? But is it still privacy then?
If I had to trust someone else with my privacy, I think I would rather
trust the faceless algorithms running in a Google datacenter than a
person close to me and who keep telling me "don't worry, I'm taking care
of everything, just relax."
(If you think that your son or your "trust person" cannot betray you,
well, by definition you can be betrayed *only* by someone you trust.)
GnuPG (and free software in general) should empower users to take
privacy in their own hands, not incite then to rely on a "trust person".
That's only my opinion, of course.
Damien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170911/271ec79f/attachment.sig>
More information about the Gnupg-users
mailing list