On 06/06/2017 22:40, Konstantin Gribov wrote:
> In the first scheme the DEK is never stored in plain text. It is used while
> encrypting the archive and encrypted with gpg (or any other cryptographic
> means), and the plain text version is removed right after that.

There's a big misunderstanding here: the encryption must be automatic, not done by a user.

So, IIUC, the scheme you're suggesting given this limitation is what GPG already does when encrypting to a recipient's pk: generate a symmetric key, use it to encrypt the file, encrypt that key with the recipient's pk. And it (hopefully) does every step in the safest possible way -- surely much safer than anything I could do from a script.

What I'd need is some way to "extract" that temporary key (using the recipient's secret key, obv) and then immediately reencrypt it with another recipient's pk. Or (that's equivalent) add another recipient to the already encrypted file, w/o reencrypting the whole file.

> Then you can reencrypt the archive on one of the servers with a new DEK
> dedicated for that user. Or just let it be so. If the user gained access
> to the archive he could always decrypt the same archive again.

As I said, that's not a problem: once he's had access to a file, that's "forever" (I cannot prevent him from saving the file in plaintext). But he must not be able to decrypt other files from the archive.

BYtE,
 Diego

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
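The hybrid layout discussed in this thread (a fresh symmetric key per file, wrapped to each recipient's public key) and the "add a recipient without re-encrypting the file" operation, modelled in Go with only the standard library, as an added example that is not GnuPG's code or the OpenPGP packet format. The Envelope type, the recipient ids and the choice of AES-256-GCM plus RSA-OAEP are assumptions made for the example; GnuPG's own wire format differs.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// Envelope mirrors GnuPG's hybrid layout: one body encrypted under a per-file DEK, plus that DEK wrapped (RSA-OAEP) separately for each recipient.
type Envelope struct {
	Body    []byte            // 12-byte GCM nonce followed by the AES-256-GCM ciphertext
	Wrapped map[string][]byte // recipient id -> DEK encrypted to that recipient's public key
}
func gcmFor(dek []byte) cipher.AEAD { // dek is always 32 bytes here
	block, _ := aes.NewCipher(dek)
	gcm, _ := cipher.NewGCM(block)
	return gcm
}
// unwrap recovers the DEK; it fails unless sk matches the copy wrapped for id.
func unwrap(env *Envelope, id string, sk *rsa.PrivateKey) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, sk, env.Wrapped[id], nil)
}
// Seal draws a fresh DEK for this file only (a leaked DEK opens nothing else), encrypts the body under it and wraps the DEK for the first recipient.
func Seal(plain []byte, id string, pk *rsa.PublicKey) (env *Envelope, err error) {
	buf := make([]byte, 44) // 32-byte DEK followed by a 12-byte nonce
	if _, err = rand.Read(buf); err != nil {
		return nil, err
	}
	env = &Envelope{Body: gcmFor(buf[:32]).Seal(buf[32:], buf[32:], plain, nil), Wrapped: map[string][]byte{}}
	env.Wrapped[id], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pk, buf[:32], nil)
	return env, err
}
// Open is what a recipient does: unwrap the DEK with their secret key, then decrypt the body.
func Open(env *Envelope, id string, sk *rsa.PrivateKey) ([]byte, error) {
	dek, err := unwrap(env, id, sk)
	if err != nil {
		return nil, err
	}
	return gcmFor(dek).Open(nil, env.Body[:12], env.Body[12:], nil)
}
// AddRecipient is the operation the mail asks for: extract the DEK with an existing recipient's secret key and re-wrap it for a new public key; the body is never touched.
func AddRecipient(env *Envelope, id string, sk *rsa.PrivateKey, newID string, newPK *rsa.PublicKey) error {
	dek, err := unwrap(env, id, sk)
	if err != nil {
		return err
	}
	env.Wrapped[newID], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, newPK, dek, nil)
	return err
}
```

Because every file gets its own DEK, unwrapping one file's key (as AddRecipient does) yields nothing usable against any other file in the archive.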