PGP allows sending encrypted emails/data to multiple recipients, where each recipient has a different private key, and this works AOK (but no idea how). I have 'PGP Desktop Whole Disk Encryption (WDE)'. CP
On 24/08/2019 00:34, Charles Mills wrote: >> I believe a public key can be associated with more than one PGP private key > I don't know PGP at all but for basic asymmetrical or public/private key > encryption, the public and private keys are basically one to one with each > other. You generate a pair, both halves at once. Although I guess it is not > provable that no two public keys have the same private key, that situation is > hopefully unlikely. > > Charles > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of CM Poncelet > Sent: Friday, August 23, 2019 8:01 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: vendor distributes their private key > > The vendor can revoke his private/public key, generate a new > private/public key pair and - hopefully this time - publish only the > public key. > > BTW I believe a public key can be associated with more than one PGP > private key, although doing so would still not explain the vendor's > publishing a private key that could decrypt his public key encrypted > data - regardless of how many other private keys could do so too. > > Just my ha'penny. > > Chris Poncelet (retired sysprog) > > > On 22/08/2019 20:41, Paul Gilmartin wrote: >> On Thu, 22 Aug 2019 14:13:58 -0500, Joel M Ivey wrote: >> >>> Thanks all for the response. I'm glad I wasn't missing something. I >>> will discuss further with the vendor, hoping they will recognize the risks. >>> >> How can the vendor recover from this without causing great >> disruption, even an indefinite time in the future, to existing >> customers who are rely on the improperly distributed private key? >> >> -- gil >> >> ---------------------------------------------------------------------- >> For IBM-MAIN subscribe / signoff / archive access instructions, >> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN >> . >> > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > . > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
