Hi, I need to create a public and private key pair for a person representing an organization, upload the public key to RIPE(regional Internet registry in Europe) public server, create some database entries using those public and private keys and finally hand over the private key + password protecting the private key to this person. I'm aware that handing over the private key is not the best practice, but at the moment I don't have an option. Has anyone been in similar situation? I thought that I'll ship the private key on a USB memory stick in closed envelope, send the password protecting the private key over e-mail or SMS, delete the private key from my own machine and ask him to change the password protecting the private key. Are there better methods? Or ask him to create personal gpg key pair, upload the public key to key-server and finally I'll encrypt this private key with his personal public key from the key server and send the encrypted private key to his e-mail? This method doesn't require shipping the USB memory stick. Better ideas?
regards, Martin _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users