[Feature Request] Multiple level subkey
lesto fante
lestofante88 at gmail.com
Mon Sep 18 08:19:08 CEST 2017
ok, just to clarify;
my original question boils down to be able to generate Sign key using a
subkey.
I guess there should be an arbitrary hard limit on the number of sub-subkey,
Aside from this, the validation algorithm should be made recursive, up to
the hard limit.
Would be possible to use the GnuPG code to create a fork, and add this kind
of behaviur?
2017-09-09 0:50 GMT+02:00 lesto fante <lestofante88 at gmail.com>:
> Hello,
>
> Maybe this is not the right place to discuss about this, please be
> kind with a noob.
>
> My user case is simple; maintain my identity even if my master key is
> compromised. Tho achieve that, I think about a multilevel subkey
> system.
> Please i would love to hear any alternative.
> For the discussion purpose, we don't talk about HOW revoke and public
> key are exchanged between peers; it could be with existing key server,
> or other way.
>
> I would like to set up a system relatively secure, but with no hassle
> for everyday use.
>
> The idea is the following:
> A level 1 key, kept very safe (hw or paper wallet wallet). This key
> represent the identity is hopefully used only once to generate one
> subkey "level 2".
>
> The subkey level 2 is saved on one (or more, but trusted) main device.
> This key will be used to generate its own subkey (level 3), those
> subkey are used for various application and distributed between device
> using relatively unsafe method; losing, revoking or issuing a new key
> for a new application should be easy and transparent for the user.
>
> the idea is that the level 2 key is used for most of the normal
> operation, even in case one or more level 3 key are compromised;
> please remember that all they key just represent the identity of the
> level 1 key.
>
> This is very similar to the chain of trust with certificate.
>
> Now the nice thing: i guess most of the people will use their phone to
> keep the level 2 key, but we know those are not the most secure stuff,
> especially when get old or wit some producer allergic to patch.
>
> In the unlucky case the level 2 key get compromised, the user can use
> the level 1 key to:
> 1. revoke the level 2 key. This of course will automatically revoke
> the level 3 key that are direct subkey of that level 2 key.
>
> 2. issue a new level 2 key. At this point the main device will issue
> new level 3 key to replace all the key revoked in the step above.
>
> please note a user could have multiple level 2 key active; this could
> be for different reason, like updating to different algorithm still
> not fully supported.
>
> Lesto
>
> ps. is anyone aware of some kind P2P system to share keys?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20170918/2a629c0f/attachment.html>
More information about the Gnupg-users
mailing list