
Re: [openpgp] Clarify status of subkeys with certification use

2018-05-25 10:26:01
On 05/25/2018 12:26 PM, Leo Gaspard wrote:
> Another use case supporting this opinion: certification subkeys are also
> a way to increase the security of an offline OpenPGP key, as with them
> it becomes possible to put the master key behind a diode while still
> being able to certify keys, and only ever move data out:
>  1. On the machine with the master key, generate a certification subkey
>  2. Move the certification subkey to another system, less trusted
>  3. Push the to-be-signed key to this other system
>  4. On this other system, certify the to-be-signed key
>  5. Rotate the certification subkey from time to time to be able to
> revoke one were it compromised

I'm not sure I buy this argument, the WoT is expected to be long-term,
if needing to do rotation of certification subkey, it sounds like you're
making it more temporary of sorts. Wouldn't just having a separate CA
key that is fully trusted (presumably locally signed and not exportable)
accomplish much of the same for more "temporary" signatures, i.e those
not exported to view of the rest of the ecosystem / external users?

-- 
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
There are two tragedies in life. One is to lose your heart's desire. The
other is to gain it.
 - George Bernard Shaw
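Both the quoted workflow and the reply hinge on which keys in a certificate are marked as allowed to certify, and that is recorded in the key-flags subpacket (RFC 4880 section 5.2.3.21, flag 0x01) of the primary key's user-ID self-signature or a subkey's binding signature. The following scanner is an added example, not code from the thread or from any OpenPGP implementation: it walks a binary certificate packet by packet and reports which subkeys carry the certification flag, which is the check an operator would run before relying on (or rejecting) a certification subkey. The sample certificate is constructed inline; its key material and signature MPIs are filler, since the example only reads packet structure and never verifies signatures.

```python
"""Scan a binary OpenPGP certificate for key-flags subpackets and report
which subkeys are flagged as certification-capable (RFC 4880 numbering)."""

KEY_FLAG_CERTIFY = 0x01
KEY_FLAG_SIGN = 0x02
KEY_FLAG_ENCRYPT_COMMS = 0x04
KEY_FLAG_ENCRYPT_STORAGE = 0x08

TAG_SIGNATURE, TAG_PUBLIC_KEY, TAG_USER_ID, TAG_PUBLIC_SUBKEY = 2, 6, 13, 14
SIG_POSITIVE_CERT = 0x13   # primary key's flags live on its user-ID self-sig
SIG_SUBKEY_BINDING = 0x18  # a subkey's flags live on its binding signature
SUBPKT_KEY_FLAGS = 27


def _read_packet(buf, pos):
    """Return (tag, body, next_pos) for the packet at pos (sections 4.2.1/4.2.2)."""
    hdr = buf[pos]
    if not hdr & 0x80:
        raise ValueError("not an OpenPGP packet header")
    if hdr & 0x40:  # new-format header
        tag, o = hdr & 0x3F, buf[pos + 1]
        if o < 192:
            length, start = o, pos + 2
        elif o < 224:
            length, start = ((o - 192) << 8) + buf[pos + 2] + 192, pos + 3
        elif o == 255:
            length, start = int.from_bytes(buf[pos + 2:pos + 6], "big"), pos + 6
        else:
            raise ValueError("partial body lengths not supported")
    else:  # old-format header
        tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not supported")
        n = (1, 2, 4)[ltype]
        length, start = int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n
    return tag, buf[start:start + length], start + length


def _iter_subpackets(area):
    """Yield (type, data) for each signature subpacket in area (section 5.2.3.1)."""
    pos = 0
    while pos < len(area):
        o = area[pos]
        if o < 192:
            length, pos = o, pos + 1
        elif o < 255:
            length, pos = ((o - 192) << 8) + area[pos + 1] + 192, pos + 2
        else:
            length, pos = int.from_bytes(area[pos + 1:pos + 5], "big"), pos + 5
        yield area[pos] & 0x7F, area[pos + 1:pos + length]  # mask the critical bit
        pos += length


def _key_flags_from_signature(body):
    """Return (sig_type, first key-flags octet or None) from a v4 signature."""
    if body[0] != 4:
        raise ValueError("only v4 signatures supported")
    hashed_len = int.from_bytes(body[4:6], "big")
    for sp_type, data in _iter_subpackets(body[6:6 + hashed_len]):
        if sp_type == SUBPKT_KEY_FLAGS and data:
            return body[1], data[0]
    return body[1], None


def scan_key_flags(cert):
    """Return [(role, index, flags)]: role is 'primary' (index -1) or 'subkey'
    (index counts subkeys from 0); flags come from the matching self-signature."""
    results, current, subkey_index, pos = [], None, -1, 0
    while pos < len(cert):
        tag, body, pos = _read_packet(cert, pos)
        if tag == TAG_PUBLIC_KEY:
            current = ("primary", -1)
        elif tag == TAG_PUBLIC_SUBKEY:
            subkey_index += 1
            current = ("subkey", subkey_index)
        elif tag == TAG_SIGNATURE and current is not None:
            sig_type, flags = _key_flags_from_signature(body)
            wanted = SIG_POSITIVE_CERT if current[0] == "primary" else SIG_SUBKEY_BINDING
            if sig_type == wanted and flags is not None:
                results.append((current[0], current[1], flags))
    return results


def certification_capable_subkeys(cert):
    """Indices of subkeys whose binding signature sets the certify flag."""
    return [i for role, i, f in scan_key_flags(cert) if role == "subkey" and f & KEY_FLAG_CERTIFY]


# --- constructed sample certificate (filler key material, unverifiable sigs) ---
def _packet(tag, body):
    return bytes([0xC0 | tag, len(body)]) + body  # new-format, one-octet length


def _v4_signature(sig_type, flags):
    sub = bytes([2, SUBPKT_KEY_FLAGS, flags])  # subpacket: len 2, type 27, flags
    return (bytes([4, sig_type, 1, 8]) + len(sub).to_bytes(2, "big") + sub
            + b"\x00\x00" + b"\x00\x00")  # empty unhashed area, hash-prefix filler


SAMPLE_CERT = (
    _packet(TAG_PUBLIC_KEY, b"\x04" + b"\x00" * 8)
    + _packet(TAG_USER_ID, b"Example <example@example.invalid>")
    + _packet(TAG_SIGNATURE, _v4_signature(SIG_POSITIVE_CERT, KEY_FLAG_CERTIFY | KEY_FLAG_SIGN))
    + _packet(TAG_PUBLIC_SUBKEY, b"\x04" + b"\x00" * 8)
    + _packet(TAG_SIGNATURE, _v4_signature(SIG_SUBKEY_BINDING, KEY_FLAG_ENCRYPT_COMMS | KEY_FLAG_ENCRYPT_STORAGE))
    + _packet(TAG_PUBLIC_SUBKEY, b"\x04" + b"\x00" * 8)
    + _packet(TAG_SIGNATURE, _v4_signature(SIG_SUBKEY_BINDING, KEY_FLAG_CERTIFY))
)

if __name__ == "__main__":
    print(scan_key_flags(SAMPLE_CERT))             # [('primary', -1, 3), ('subkey', 0, 12), ('subkey', 1, 1)]
    print(certification_capable_subkeys(SAMPLE_CERT))  # [1]
```

On the sample, the second subkey is the only one flagged for certification, which is exactly the situation the quoted workflow creates. A real deployment would dearmor the certificate first and verify the self-signatures before trusting the flags; this scanner deliberately stops at the structural check.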


_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp