2005 OLS is this week!

Chris Carey chris_carey at yahoo.com
Mon Jul 18 23:45:00 MDT 2005


I found this on the web

--snip--

# gpg --recipient <person> --armor --encrypt <file>

* --recipient may be used multiple times to specify
multiple recipients.
  
--snip--

Im not sure what is going on behind the scenes, but
this appears to allow multiple recipients to decrypt
the file.

Chris Carey


--- Richard Esplin <richjunk1 at byu.net> wrote:

> I've been thinking about the concept of encrypting
> information with multiple 
> public keys. It seems that to decrypt this
> information it would require the 
> use the private keys paired with all the public keys
> used during encryption. 
> Though that would be desirable behavior in certain
> situations, it does not 
> seem to be useful in this specific application. Can
> someone offer a 
> clarification?
> 
> I see a lot of benefit to being able to encrypt
> information that is 
> decryptable by multiple parties without them jointly
> sharing a secret, but I 
> can not see how this would be possible. I have read
> some of the documentation 
> about GnuPG and haven't found any mention of this
> functionality. I even 
> skimmed the RFC. Would someone explain it to me?
> 
> I read about subkeys, but it appears from the
> documentation that subkeys are 
> used mostly to allow revocation without losing trust
> signatures on the 
> primary key. Can a primary key decrypt items
> encrypted with a subkey? How 
> could that be possible?
> 
> Thanks in advance for any clarifications or helpful
> URLs offered.
> 
> Richard Esplin
> 
> On Monday 18 July 2005 16:11, Chris Carey wrote:
> <snip>
> > GnuPG-key encrypted means that a filesystem key
> (which
> > is just a long line
> > of random characters) is encrypted with GnuPG,
> > possibly with more than one
> > person's public key
> <snip>
> > An employee can change his GnuPG
> > passphrase at any time, get hit by a bus, and drop
> > dead. Corporate IT
> > department dudes can still use their private key
> to
> > mount the partition.
> <snip>
> .===================================.
> | This has been a P.L.U.G. mailing. |
> |      Don't Fear the Penguin.      |
> |  IRC: #utah at irc.freenode.net   |
> `==================================='
> 



		
____________________________________________________
Start your day with Yahoo! - make it your home page 
http://www.yahoo.com/r/hs 
 



More information about the PLUG mailing list