[Feature Request] Multiple level subkey
lesto fante
lestofante88 at gmail.com
Thu Sep 14 00:20:57 CEST 2017
>Such a thing already exists, at least here in Italy: CIE/CNS. X509-based certs.
exactly, this is what started the idea; we have no power over those
certificate for revoke, and i have no idea if a new certificate is
issued if you loose your document.
What I found out is that the CA seems to be region-based, so i will
have to track all of them. If you know something more, I am very
interesting to hear, all the info i got is pieces found here and
there. I also hope the same apply on the rest of the EU, since AFAIK
that certificate is on the European Health Insurance Card.
BUT, of course using a card reader is not possible, especially if we
think the smartphone as main device. So would be nice if somehow the
certificate can sign (and revoke! that is also important!) a "normal"
key, that is stored on the phone, and act as main key that generate
the subkey for all the application requiring it.
All the application save the user by the "certificate" identity, so
even changing key the user is automatically recognized.
Do you think this is feasible and i should research in this direction?
>Anyway that's something that IMVHO does not fit well with GPG.
Can you explain why? also, i said in my first email i am not sure
there is the right place, but i didn't know anywhere else where to
have this discussion, so tips on this regards are also appreciated.
More information about the Gnupg-users
mailing list