Somehow this thread mutated into being on both gnupg-devel and gnupg-
users. I'm only replying to gnupg-users. Let's try to keep it on one
list.
On Jul 27, 2009, at 9:41 AM, Ingo Krabbe wrote:
You actually can encrypt files to more than one OpenPGP key, so that
anyone holding any of the recipient keys can decrypt the data. Maybe
this approach would be useful for the OP?
As far as I know you can keep multiple different encrypted copies of
a file, but
one copy of the file will only have one encryption. Assumed that
you don't want
to waste space. I just see that you can encrypt for multiple keys,
but you will
increase the space needed for the file copy, don't you?
I mean if you encrypt a file f.txt to f.txt.gpg with 10 recipients,
you will
have a f.txt.gpg that contains f.txt 10 times encrypted in 10
different ways.
Maybe I'm wrong about this point, but I can't think about an
encryption strategy
with mixed recipients.
OpenPGP supports multiple recipients. 10 recipients do not require
10x the space of 1 recipient, instead, you end up with a single
encryption of the data, and then a small encrypted session key per
recipient. So encrypting to 10 recipients is a bit larger than
encrypting to 1 recipient, but it is nowhere near as large as
encrypting to 10 recipients individually. Any of the recipients can
decrypt the data.
David
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
