Modernizing Web-of-trust for Organizations

Thu Jan 4 03:37:23 CET 2018

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi

On Thursday 4 January 2018 at 1:46:55 AM, in
<mid:63c961e8-1821-19cd-1aaa-2bb0d03f9b08 at gmail.com>, Lou Wynn wrote:-

> When I said for "both," I might have misunderstood what you meant by
> a shared keyring? Can you explain it a little bit? 

PGP and GnuPG traditionally store private keys in a secret keyring and
public keys in a public keyring. Each user's secret keyring has just
their own secret keys. Each user's public keyring contains their own
public keys, plus other people's public keys for encrypting messages
or checking signatures. Multiple users' OpenPGP installations could
theoretically all be configured to point to the same shared keyring
files instead of each user having their own local keyring files (or
all their local keyring files could be kept in sync with a central
copy).

> My system doesn't
> share anything that is related to user private keys, except for that
> encrypted private keys are saved in a database. 

If the user's OpenPGP software accesses that database each time it
needs to use the private key, the database is providing the same
function as the old secret keyring.

> An analogy is
> placing two people's encrypted PGP secret keyring on a file server,
> and decryption is still done at the client side. I'm not sure if
> this is what you meant by a shared keyring.

If my keyring and your keyring happened to be stored on the same
server but they were separate and there was no sharing or syncing
between them, it would not be a shared keyring.

- -- 
Best regards

MFPA                  <mailto:2017-r3sgs86x8e-lists-groups at riseup.net>

Is it bad luck to be superstitious?
-----BEGIN PGP SIGNATURE-----

iNUEARYKAH0WIQSWDIYo1ZL/jN6LsL/g4t7h1sju+gUCWk2TLV8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0OTYw
Qzg2MjhENTkyRkY4Q0RFOEJCMEJGRTBFMkRFRTFENkM4RUVGQQAKCRDg4t7h1sju
+scSAP4vmeuwK8YCAyYjs4Psorv96r7m3oxgzLu7sJKF96yXTQEAgAjsz8M6S03n
8sLlKoRB8wlcCmjzECrzjtTytkNsfwSJApMEAQEKAH0WIQRSX6konxd5jbM7JygT
DfUWES/A/wUCWk2TP18UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0NTI1RkE5Mjg5RjE3Nzk4REIzM0IyNzI4MTMw
REY1MTYxMTJGQzBGRgAKCRATDfUWES/A/5DkD/9BrPANt1BW46XokjuD/kcjuJxQ
F24osueo+o/Cu/+oRnXVExm8dj1zSmr5FH5WUPxejCHORzVxEZjeKAQaLOUoxNjr
hpWvJckeYi7O/+Iv7Mcvj5T88qawtebB/R8RseXak68ZIag6eFG9aMa6qIV75Jvq
60AFLEmZwOOtAoUxfwaIAgLqUc2ER2IYtdiUQX31xsNUrG60nIrWHl77mu7x31L3
FJm1t8wCI6WCKWHCygThkxFburohGIHhsC8z2MEfaN0/e/zy/ZNccC4pfhMOcAWR
1ArFEkRkluMVlkFPItPuwmSDINR3UltTyi77CQ0hYpceleJ47p2n+auYNnSS6Q+D
pIh1q4nMlVCG0TgUI98lKn4JcklHfiu7HGJhFgik+tvC+2TJ+U1NZtVWqZCsr+cA
YePtEyB8Pe82iu7SL3RF5AjtCJa4aS9DQjZixKwxe6WaOfVrcgd+Ne2z6nYX9vto
uSRmir5f5yVhP849AyZ5q31OLPJ8GsvyLF4hyBe1Of6SxhVnlggSZJaJg3/Z31Zr
/2J0U85bk8KyKtWbGn+t1KgrDt1N/u5ExuEkE3PU/5phip3gEHFymB8qqOrBCUAQ
cMcp9W5hI0LAGwGJJ8vKAieoIEQvyIG6d70i/Q1C6+ktNzJSlOfvIUJMFDnXdhAM
4x3CgH8LC0MuJEMRfQ==
=Ol4C
-----END PGP SIGNATURE-----