On 22 Dec 2020, at 13:31, Christian Chavez via Gnupg-users <gnupg-users@gnupg.org> wrote:
> My question is based on this awesome answer by Thomas Pornin:
> https://security.stackexchange.com/a/43591
>
> In a work-environment, what benefits does one gain by having separate
> Authentication/Signing (sub)keys?
>
> I understand and agree with the rationale of keeping a separate Encryption
> key (so that this could be shared with your employer), but that rationale
> does not extend for Signing/Authenticating (presuming a trustworthy workplace
> which doesn't need to fake authentication/signing of employees).

Keep in mind that in some workplaces the building of that trust explicitly includes the need for counter-intelligence - and hence a legitimate use of fake signatures.

Though I have a hard time imagining a use case in the European private sector for that.

Dw.