Modernizing Web-of-trust for Organizations

Kristian Fiskerstrand kristian.fiskerstrand at
Fri Jan 5 10:16:51 CET 2018

On 01/05/2018 10:13 AM, Andrew Gallagher wrote:
>> On 5 Jan 2018, at 08:41, Lou Wynn <lewisurn at> wrote:
>> The only need for an
>> organization to access their data is decrypting the encrypted data,
>> which is satisfied by the auditing key.
> The standard way of doing this without allowing for impersonation is escrow of the encryption subkey only. This can be done by encrypting the E subkey to the auditing key, the private key of which is presumably well controlled. 

The issue with that is that as long as the employee has the private key for
the primary, the individual can create new subkeys, and the primary will
always have signing capability (if not always specified as a usage flag).
In most setups the employee won't need/shouldn't have the private key
info for the primary for this (and a few other) reasons.

Kristian Fiskerstrand
Twitter: @krifisk
Public OpenPGP keyblock at hkp://
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
"The journey of a thousand miles begins with one step."
(Lao Tzu)
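The setup the reply describes, with the primary secret key kept away from the employee and only secret subkeys on the working machine, as an added example that is not part of the thread. It assumes GnuPG 2.1 or later is installed as `gpg`, builds a throwaway key in an isolated `GNUPGHOME`, exports only the secret subkeys, and checks that the second keyring holds just a stub primary (so no new subkeys can be bound there); the identity and directory names are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the thread): keep the primary key offline, hand out
# only the secret subkeys, and verify the working keyring cannot create subkeys.
set -eu

# Returns "stub" on stdout when the working keyring has no usable primary secret
# key (the desired state), "present" otherwise. Also reports whether adding a new
# subkey from the working keyring is refused.
primary_state_after_subkey_only_export() {
    offline=$(mktemp -d); laptop=$(mktemp -d)
    chmod 700 "$offline" "$laptop"
    # Constructed test identity; "default default never" gives a cert+sign
    # primary plus an encryption subkey. Empty passphrase keeps the demo batch-safe.
    GNUPGHOME="$offline" gpg --batch --quiet --pinentry-mode loopback \
        --passphrase '' --quick-generate-key \
        'Example Employee <employee@example.invalid>' default default never
    fpr=$(GNUPGHOME="$offline" gpg --batch --with-colons --list-secret-keys \
        | awk -F: '$1=="fpr"{print $10; exit}')
    # Export ONLY the secret subkeys; the primary becomes a stub in the output.
    GNUPGHOME="$offline" gpg --batch --quiet --pinentry-mode loopback \
        --passphrase '' --export-secret-subkeys "$fpr" \
        | GNUPGHOME="$laptop" gpg --batch --quiet --pinentry-mode loopback \
            --passphrase '' --import
    # In --with-colons output, field 15 of the "sec" record is "#" when the
    # secret primary key is only a stub.
    state=$(GNUPGHOME="$laptop" gpg --batch --with-colons --list-secret-keys \
        | awk -F: '$1=="sec"{print $15; exit}')
    # Binding a new subkey needs the primary secret key, so this must fail here.
    if GNUPGHOME="$laptop" gpg --batch --quiet --pinentry-mode loopback \
        --passphrase '' --quick-add-key "$fpr" default encr >/dev/null 2>&1; then
        echo "warning: subkey was added from the working keyring" >&2
    fi
    GNUPGHOME="$offline" gpgconf --kill gpg-agent 2>/dev/null || true
    GNUPGHOME="$laptop" gpgconf --kill gpg-agent 2>/dev/null || true
    rm -rf "$offline" "$laptop"
    [ "$state" = "#" ] && echo stub || echo present
}
```

The same `gpg --with-colons --list-secret-keys | awk` check can be run against a real employee keyring to confirm the primary is a stub (shown as `sec#` in normal listing output).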
