On 2/15/2010 12:34 AM, Mohan Radhakrishnan wrote: > Hi, > > We have several public keys and we use all of them to encrypt > files. Each recipient then decrypts the file using his or her own secret > key. Now some recipients lose their keys and replace them. Some new > encrypting keys get added. So we have several old files that the new > users cannot read. > > Can a single user generate several sub secret keys and distribute to the > other recipients ? Does this solve the old file re-encryption problem > somehow by still retaining individual keys ? > > Our policy does not allow sharing of keys. So it looks like the subkeys > have the same problem because all of them originate from a common key ?
I'm not intimately familiar with the way keys and subkeys are related and interact, so I can't answer the exact question you asked. However, in the general case, I think the only solution to this problem is to use some sort of key escrow system. (The real solution is "don't lose your keys" and key escrow is one way to try to implement that.) If you design some way of generating several [sub]keys or something such that the end result is the ability to regenerate a lost key, then you have effectively shared your key (since others could regenerate it without your participation). Your policy prohibits that, so whether or not you can devise a system to do it is academic. Whether or not key escrow counts as "sharing keys" is a question for your policy-makers. As a general principle, if a secret key is unavailable, you WANT the encrypted material it protects to become unavailable. That's rather the point, no? :-) -Chris
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users