Hello Daniel
> This is still ambiguous to me. I described two distinct cases, and i'm
> not sure which one you are agreeing to. From the rest of your message,
> i think you're agreeing to the first question, but not the second.
The objective is to require multiple people in order to use that ke
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
The Debian project solves this by having the secret key shared using
(https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing).
https://ftp-master.debian.org/keys.html
On Tue, Apr 7, 2015 at 1:29 PM, Bob (Robert) Cavanaugh
wrote:
> Alfredo,
>
Alfredo,
I don't have any personal experience with splitting the key. What we do at my
employer is split the secret key passphrase. Yes, this is a manual process but
very secure. For highly important keys we assign six trusted individuals, three
have defined one half of the passphrase and three
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Tuesday 7 April 2015 at 2:14:09 PM, in
, Alfredo Palhares wrote:
> I am open to any suggestions.
Maybe somebody more knowledgeable than me can comment on whether
"Shamir's Secret Sharing Scheme" [0] might be something relevant to
mention
On Tue 2015-04-07 09:14:09 -0400, Alfredo Palhares wrote:
> [dkg wrote:]
>> Do you want to require multiple people to come together to use that
>> secret key? or do you want them each to have the ability to use the key
>> independently from each other?
>
> The objective is require multiple people
Hello Daniel,
> Do you want to require multiple people to come together to use that
> secret key? or do you want them each to have the ability to use the key
> independently from each other?
The objective is require multiple people to use that secret key. Yes
> The answer about what to do would
Hi Alfredo,
On Mon 2015-04-06 11:16:14 -0400, Alfredo Palhares wrote:
> While looking for a way to store you passwords and share them across the
> company.
>
> We need to control access inside subdirectories and have a master GPG key that
> gets encrypted with all the other ones.
>
> We would lik
Hello,
While looking for a way to store you passwords and share them across the
company.
We need to control access inside subdirectories and have a master GPG key that
gets encrypted with all the other ones.
We would like to keep very limited access to this key, and we're thinking on
literally s
