Managing Subkeys for Professional and Personal UIDs

[NdK]

Il 03/05/2014 05:01, Robert J. Hansen ha scritto:

> And regardless of whether it's a good practice or a bad one, I've worked
> in businesses that have done exactly this -- so it's a real-world
> example that demonstrates the occasional need for a third party to
> possess signing keys.
That practice is the same as asking you to sign blank sheets of paper so
they can later write on them what they like.
IMVHO it's an *illegal* practice, and actually I vaguely remember news
about a case where a female worker had to sign a blank sheet, that was
later used for her "resignation" when she asked for maternity leave.
IIRC she won the cause.

Signing cards, at least here in Italy, are bound to a person. If
multiple persons can sign the same kind of document (or if a "vice" is
needed), then there are more cards, each controlled by a different
person. That's why it's called "qualified signature" and it's (legally)
stronger than a plain one.

As already pointed out it could be different for encryption-only keys,
that could be escrowed under some circumstances.

BYtE,
 Diego.