On 09/10/2017 09:17 PM, lesto fante wrote:
>> If your level-3 key is compromised, you revoke it, generate a new one and sign it with the level-2 key. The new level-3 key will be automatically valid for your correspondents.
>
> What if I lose the level-2 key too? Imagine the level-2 and level-3 keys are both on my phone, with NO other copy of the level-2 and level-3 private keys. Can I revoke all of them?
You revoke the level-2 key; that will be enough to invalidate the signature on the level-3 key.
> If my device is in the hands of a bad person, will he be able to compromise my level-1 key?
Assuming the level-1 key is not on that device, then no.
> Also, I understand the key-level trust, but here I want to AUTOMATE, to make this thing EASIER to use than a common password approach.
I merely pointed out what is already feasible with the current state of the OpenPGP specification and the GnuPG implementation.
> This approach MUST be "housewife proof": her son/trusted person will set up the signing key for her and then just tell her to keep the smartcard in a safe place, and to choose a safe password for the SIGN key. That is the only password our housewife needs, unless she loses her phone or it gets compromised; at that point, she will call the trusted person, who will take care of revoking and then issuing a new SIGN key on her new phone. No need to go and reset ALL of her accounts and such; all the keys she had have already been replaced :)
I do not really care for this "user is an idiot, we cannot trust him/her to do the right thing so we should do it for him/her" approach.
Damien
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
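The exchange above turns on one property of a layered key hierarchy: a level-3 key is only as valid as the signature chain above it, so revoking the level-2 key is enough to kill every level-3 key it ever certified, while a thief who holds level-2 and level-3 still cannot touch level-1. The program below is an added example written for this page; it is not code from the thread and not GnuPG's own implementation. It models the three levels with Ed25519 signatures (Go's standard library) instead of OpenPGP packets, and it assumes that a revocation certificate is generated at key-creation time and handed to the trusted person, which is how the "call the trusted person" step in the scenario can work after the phone, and the private keys on it, are gone. The names `Cert`, `Key`, `Keyring`, `Issue`, `Scenario` and the key labels are mine; the scenario data is constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Cert binds a named key to its level and carries the issuer's signature over that
// binding. The level-1 root is self-signed and trusted out of band (fingerprint check).
type Cert struct {
	Name, Issuer string // Issuer == Name for the root
	Level        int
	Pub          ed25519.PublicKey
	Sig          []byte
}

// Key is a certificate together with its private half.
type Key struct {
	Cert Cert
	priv ed25519.PrivateKey
}

func (c Cert) tbs() []byte      { return append(append([]byte(c.Name), 0, byte(c.Level)), c.Pub...) }
func revTBS(name string) []byte { return append([]byte("revoke:"), name...) }

// Issue creates a key one level below parent, signed by parent; a nil parent creates
// the self-signed level-1 root. It also returns a self-signed revocation, generated
// now so a trusted person can keep it and publish it after the private key is lost
// (assumption: mirrors a revocation certificate made at key-creation time).
func Issue(parent *Key, name string) (k *Key, revocation []byte) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { panic(err) }
	k = &Key{Cert: Cert{Name: name, Issuer: name, Level: 1, Pub: pub}, priv: priv}
	signer := priv
	if parent != nil {
		k.Cert.Issuer, k.Cert.Level, signer = parent.Cert.Name, parent.Cert.Level+1, parent.priv
	}
	k.Cert.Sig = ed25519.Sign(signer, k.Cert.tbs())
	return k, ed25519.Sign(priv, revTBS(name))
}

// Keyring is a correspondent's view: imported certs, accepted revocations, one trusted root.
type Keyring struct{ Root string; certs map[string]Cert; revoked map[string]bool }

func NewKeyring(root Cert) *Keyring {
	return &Keyring{Root: root.Name, certs: map[string]Cert{root.Name: root}, revoked: map[string]bool{}}
}

// Import adds a certificate; the out-of-band trusted root is never overwritten.
func (kr *Keyring) Import(c Cert) { if c.Name != kr.Root { kr.certs[c.Name] = c } }

// Revoke accepts a revocation only if it verifies under the named key's own public key.
func (kr *Keyring) Revoke(name string, sig []byte) bool {
	if c, ok := kr.certs[name]; ok && ed25519.Verify(c.Pub, revTBS(name), sig) {
		kr.revoked[name] = true
	}
	return kr.revoked[name]
}

// Valid walks from name up to the root. Every key on the path must be unrevoked,
// correctly signed by its issuer and exactly one level below it, so revoking the
// level-2 key invalidates every level-3 key it ever signed.
func (kr *Keyring) Valid(name string) bool {
	for {
		c, ok := kr.certs[name]
		issuer, ok2 := kr.certs[c.Issuer]
		if !ok || !ok2 || kr.revoked[name] || !ed25519.Verify(issuer.Pub, c.tbs(), c.Sig) {
			return false
		}
		if name == kr.Root || c.Level != issuer.Level+1 {
			return name == kr.Root // reached the trusted root, or the chain is malformed
		}
		name = c.Issuer // level strictly decreases, so the walk terminates
	}
}

// Scenario plays out the thread and returns what a correspondent sees at each step.
func Scenario() map[string]bool {
	root, _ := Issue(nil, "level-1 (smartcard, offline)")
	l2, revL2 := Issue(root, "level-2 (phone)")
	l3, revL3 := Issue(l2, "level-3 (phone)")
	kr := NewKeyring(root.Cert)
	kr.Import(l2.Cert)
	kr.Import(l3.Cert)
	r := map[string]bool{"initial level-3 valid": kr.Valid(l3.Cert.Name)}
	// Level-3 compromised: revoke it and issue a replacement under level-2.
	kr.Revoke(l3.Cert.Name, revL3)
	l3b, _ := Issue(l2, "level-3 (replacement)")
	kr.Import(l3b.Cert)
	r["old level-3 valid"], r["replacement valid"] = kr.Valid(l3.Cert.Name), kr.Valid(l3b.Cert.Name)
	// Phone lost with level-2 on it: the holder can mint level-3 keys until the stored level-2 revocation is published.
	thief, _ := Issue(l2, "level-3 (minted with the stolen level-2)")
	kr.Import(thief.Cert)
	kr.Revoke(l2.Cert.Name, revL2)
	r["replacement valid after level-2 revoked"] = kr.Valid(l3b.Cert.Name)
	r["thief-minted level-3 valid"] = kr.Valid(thief.Cert.Name)
	// The thief holds the level-2 and level-3 private keys but not level-1.
	r["forged root revocation accepted"] = kr.Revoke(root.Cert.Name, ed25519.Sign(l2.priv, revTBS(root.Cert.Name)))
	r["level-1 still valid"] = kr.Valid(root.Cert.Name)
	return r
}

func main() { fmt.Println(Scenario()) }
```

Two things the toy makes visible that the prose leaves implicit. First, between the theft and the moment a correspondent imports the level-2 revocation, anything the thief mints under level-2 validates, so the scheme is only as good as the channel that carries the revocation to correspondents; the trusted person's job is distribution as much as revocation. Second, the chain check rejects a forged level-1 revocation signed with the stolen level-2 key, which is the concrete form of "assuming the level-1 key is not on that device, then no".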