Hello Daniel, > Do you want to require multiple people to come together to use that > secret key? or do you want them each to have the ability to use the key > independently from each other?
The objective is require multiple people to use that secret key. Yes > The answer about what to do would depend on how you want the key to be > used. Basically this key would a part of the encryption group of all the other credentails. And to be the only key to encrypt extremely sensitive data > It's not clear to me that we have a functional workflow to support the > first scenario (where multiple people must come together to use the > secret key) without a lot of overhead for the users. > My understanding is that the Tails community does something like this, > but they are a highly-technical group who are willing to custom-build > their own tools and to endure quite a bit of tedious and inconvenient > process to protect the safety of their users. Do they have this documented somewhere. > Consider that anyone who ever has access to the raw secret material of > the shared key can effectively make a copy of it and then use it > elsewhere in the future. Yes, the key joining is a whole proccess on an offline machine with the presence of all elements. > If you can define your desired use cases more clearly, maybe someone on > this list can propose an effective workflow for you. I am open to any suggestions. Thank you for you input! -- Alfredo Palhares GPG/PGP Key Fingerprint 68FC B06A 6C22 8B9B F110 38D6 E8F7 4D1F 0763 CAAD
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users