Hello, I have a quite simple question on best practice for the use of GPG. I haven't found an answer searching online. I hope this mailing list is the right place for asking.
I have an automated process that collects some data and unattended sends it via email. I want that data to be encrypted and signed. The encryption part is easy as it requires only public keys of the recipients. Signing, however, requires to make the private key used available to the process. I have a sufficient trust in the security of the server where the automated process runs, but I would like to reduce to a minimum the risks. What is the best practices in such cases? I can imagine several possible options: using a subkey of my key (is it possible to remove passphrase protection from a subkey?), using a dedicated key, using a subkey of a dedicated key and periodically rotate such subkey. Ideas? Comments? Thanks. Cheers, Daniele _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users