[Feature Request] Multiple level subkey

lesto fante lestofante88 at gmail.com
Mon Sep 11 01:09:41 CEST 2017


>And to be more precise, in the situation where the level-2 key is compromised, you actually do not revoke the level-2 key itself (using the corresponding level-2 private key), you revoke the trust signature on the level-2 key (using the level-1 private key). The level-2 will then cease to be valid in the eyes of your correspondents.

This is perfect; it also means that by revoking level 2 I would also
invalidate all its subkeys. I will look into it.


>So you want to bring privacy to the housewife while at the same time make her rely on someone else (the "son/trust person" you mentioned) to manage her privacy? But is it still privacy then?

The idea is that the system is very simple for the end user. As of
now, you really have to KNOW exactly what you are doing, and if you
get something wrong you compromise your whole security; this scares
away all these less-than-perfect users (such as myself). The more the
system is error-resistant, the more likely they are to jump in and do
it themselves.
In reality the great improvement is more on the user interface side,
but I need to understand what I can do on the lower level, and build
up around it.
A housewife that needs help to set this up (aka, install the software,
connect the hw wallet and press one button and add a password), is one
that needs help to set up her homebank, email and socials; she would
use the same user/password for all the services, with the password
probably "password" or something else in the list of the 100 most used
passwords. So she is not really losing any privacy over this; actually
we are making the system safer even for her.


2017-09-11 0:01 GMT+02:00 Damien Goutte-Gattat <dgouttegattat at incenp.org>:
> On 09/10/2017 11:32 PM, lesto fante wrote:
>>
>> just to be sure I don't misunderstand, the level 2 key cannot revoke
>> the level 1 key, right?
>
>
> No it cannot.
>
> And to be more precise, in the situation where the level-2 key is
> compromised, you actually do not revoke the level-2 key itself (using the
> corresponding level-2 private key), you revoke the trust signature on the
> level-2 key (using the level-1 private key). The level-2 will then cease to
> be valid in the eyes of your correspondents.
>
>
>> My goal is to bring good privacy at the housewife, while making the
>> process even more easier (as it will be as easy as using a wallet).
>
>
> So you want to bring privacy to the housewife while at the same time make
> her rely on someone else (the "son/trust person" you mentioned) to manage
> her privacy? But is it still privacy then?
>
> If I had to trust someone else with my privacy, I think I would rather trust
> the faceless algorithms running in a Google datacenter than a person close
> to me and who keeps telling me "don't worry, I'm taking care of everything,
> just relax."
>
> (If you think that your son or your "trust person" cannot betray you, well,
> by definition you can be betrayed *only* by someone you trust.)
>
> GnuPG (and free software in general) should empower users to take privacy in
> their own hands, not incite them to rely on a "trust person".
>
> That's only my opinion, of course.
>
> Damien
>


