2005 OLS is this week!
richjunk1 at byu.net
Mon Jul 18 23:30:32 MDT 2005
I've been thinking about the concept of encrypting information with multiple
public keys. It seems that to decrypt this information it would require the
use the private keys paired with all the public keys used during encryption.
Though that would be desirable behavior in certain situations, it does not
seem to be useful in this specific application. Can someone offer a
I see a lot of benefit to being able to encrypt information that is
decryptable by multiple parties without them jointly sharing a secret, but I
can not see how this would be possible. I have read some of the documentation
about GnuPG and haven't found any mention of this functionality. I even
skimmed the RFC. Would someone explain it to me?
I read about subkeys, but it appears from the documentation that subkeys are
used mostly to allow revocation without losing trust signatures on the
primary key. Can a primary key decrypt items encrypted with a subkey? How
could that be possible?
Thanks in advance for any clarifications or helpful URLs offered.
On Monday 18 July 2005 16:11, Chris Carey wrote:
> GnuPG-key encrypted means that a filesystem key (which
> is just a long line
> of random characters) is encrypted with GnuPG,
> possibly with more than one
> person's public key
> An employee can change his GnuPG
> passphrase at any time, get hit by a bus, and drop
> dead. Corporate IT
> department dudes can still use their private key to
> mount the partition.
More information about the PLUG