On 08/12/2019 18:48, Joseph Bruni via Gnupg-users wrote:
I recall from the early days of PGP that there was a way to create a corporate key, fragmented into a certain number of potions, which would require some quorum to be able to perform decryption. I pored over the GnuPG documentation but could not find an equivalent. Perhaps I’m just getting the terminology wrong. Is this still possible in OpenPGP and therefore in GnuPG?
I don't know about a solution within PGP but it sounds a bit like 'ssss' - Shamir's Secret Sharing Scheme. I quote the description within Ubuntu linux distribution of the ssss package :
"allows a secret to be split in to shares. These shares can then be distributed to different people. When the time comes to retrieve the secret then a preset number of the shares need to be combined. The number of shares created, and the number needed to retrieve the secret are set at splitting time. The number of shares required to re-create the secret can be chosen to be less that the number of shares created, so any large enough subset of the shares can retrieve the secret. This scheme allows a secret to be shared, either to reduce the chances that the secret is lost, or to increase the number of parties that must cooperate to reveal the secret." hhh Philip
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users