ietf-openpgp

Re: [openpgp] Offline key flag

2013-03-05 18:26:50
On Mar 5, 2013, at 11:53 AM, Werner Koch <wk(_at_)gnupg(_dot_)org> wrote:

> On Tue,  5 Mar 2013 17:30, dshaw(_at_)jabberwocky(_dot_)com said:
>
>> Can you give an example why would someone want to publish that their private
>> key is offline?  I'm not sure I see a use for that.
>
> I have two encryption keys but only one marked as offline.  If someone
> wants to send a quick message he would encrypt to the non-offline key.
> If he has to tell me something really secret, he would select the
> offline key, assuming that I will move the message to a non-networked
> box where the offline key is stored.

Ah, that's a good point.  It's still up to the sender which key to use, but you
can choose to give a hint.

> I am not sure whether this is really useful for most users, but split
> and group keys are also somewhat esoteric and not even defined in
> OpenPGP.

Yes.  I've wondered about the split key bit in the past.  The group key bit
seems fairly straightforward: if the bit is set, then the verifier of a
signature is effectively being told the sender isn't a person, but a group, so
the verifier can't expect that a single person was responsible (and similar
logic for encryption).  Of course, there is nothing forcing the owners of a
group key to set the bit, but if they want to, it's there.

David

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp