On 09/10/2017 04:36 PM, Daniel Kahn Gillmor wrote:>> My user case is simple; maintain my identity even if my master key is >> compromised. Tho achieve that, I think about a multilevel subkey >> system. > > I'm not sure how the proposed multi-level system is an improvement over > an offline primary key. It's certainly more complicated, but complexity > is a bug, not a feature. can you explain why you think it's better? > > with an offline primary key, you only put subkeys on any device that's > used regularly.
I can think of at least one use case it covers in addition to an offline masterkey (but that would also be covered by C subkeys): the ability to sign others’ keys without using your masterkey. This would allow to not have to expose the keysigning device to untrusted data/software/hardware that would carry the to-be-signed key. It would also make an offline masterkey much more convenient to use, given one could just do like it never existed (even for keysigning), except once the subkeys become compromised -- and at that time, the recovery operation would be 1/ re-generate subkeys, 2/ re-sign all keys you had signed with your previous C subkey. What do you think about this? (maybe I should just raise the issue on rfc4880bis ML, but as the question arose here…)
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
