On 2020-07-14 at 00:48 +0000, Philihp Busby via Gnupg-users wrote: > 2: What benefits benefits are there to having separate master keys for > personal and professional use? Outside of not wanting the > identities linked, because I am not yet famous enough for that.
When the day comes that I get sucked into a legal discovery motion through my employer and they start demanding private keys, I don't want to have to rely upon the patience of my side's counsel to explain that --show-session-key/--override-session-key will do just fine. I want to be able to roll work keys, re-encrypt what needs to be re-encrypted, and after I lose the argument about --show-session-key, minimize the damage. Don't cross the streams. Don't use private email for work purposes. Avoid handling sensitive personal stuff on work email addresses. Don't use keys which are "yours" in a context where someone with the power to get you fired can start arguments because you're not cooperating. Don't use a key "owned" by a legal entity to secure personal communications or secrets. It's not really hard to have two keys and keep them separate. And of course if you're only using a computer which is the property of your employer, you've read the corporate handbook and other documents explaining what they own and don't own before letting such a device have access to your personal keys. None of this is about the cryptography of one key or two keys. All of this is around the social and legal constructs within which any keys get used. -Phil _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
