Re: Optimal setup for corporate keys

2015-07-20 Thread Marko Božiković
On 18/07/2015 17:58, F Rafi wrote: > > We exchange sensitive files with multiple corporate partners and would like to > set our keys up so that a single private key compromise does not require > generating new keys for all partners. > > 1) Should we generate separate pub / priv key pairs for all

Re: Optimal setup for corporate keys

2015-07-20 Thread Marko Božiković
On 18/07/2015 17:58, F Rafi wrote: > > We exchange sensitive files with multiple corporate partners and would like to > set our keys up so that a single private key compromise does not require > generating new keys for all partners. > > 1) Should we generate separate pub / priv key pairs for all

Re: Optimal setup for corporate keys

2015-07-20 Thread NdK
Il 20/07/2015 02:44, F Rafi ha scritto: > We will have decryption processes on multiple servers. So if one server > happens to get compromised, I want to avoid the disruption of reaching > out to 40 partners to exchange keys again. We would only reach out to > the affected partners with new keys.

Re: Optimal setup for corporate keys

2015-07-19 Thread F Rafi
The partners will generate their own keys so we can send them files. We're generating separate pub/priv keys for each partner to receive files from them. My question was that if we should generate separate pub/priv keys or generate subkeys under a single signing key. Looks like the consensus is tha

Re: Optimal setup for corporate keys

2015-07-19 Thread flapflap
Greg Sabino Mullane: > > >> We exchange sensitive files with multiple corporate partners and would like >> to set our keys up so that a single private key compromise does not require >> generating new keys for all partners. > >> 1) Should we generate separate pub / priv key pairs for all partner

Re: Optimal setup for corporate keys

2015-07-19 Thread Heinz Diehl
On 19.07.2015, F Rafi wrote: > Does it make sense to use a key-server? You just answered yourself: > The public key will only be use by a single partner organization. > We were thinking about exchanging it over e-mail. So no need to upload it to a keyserver. _

Re: Optimal setup for corporate keys

2015-07-18 Thread F Rafi
Thanks. Does it make sense to use a key-server? The public key will only be use by a single partner organization. We were thinking about exchanging it over e-mail. Farhan On Sat, Jul 18, 2015 at 5:37 PM, Greg Sabino Mullane wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: RIPEMD160 > > > >

Re: Optimal setup for corporate keys

2015-07-18 Thread Greg Sabino Mullane
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 > We exchange sensitive files with multiple corporate partners and would like > to set our keys up so that a single private key compromise does not require > generating new keys for all partners. > > 1) Should we generate separate pub / priv key