Modernizing Web-of-trust for Organizations

Lou Wynn lewisurn at gmail.com
Thu Jan 4 05:42:07 CET 2018


On 01/03/2018 06:37 PM, MFPA wrote:
> Hi
>
>
> On Thursday 4 January 2018 at 1:46:55 AM, in
> <mid:63c961e8-1821-19cd-1aaa-2bb0d03f9b08 at gmail.com>, Lou Wynn wrote:-
>
> If the user's OpenPGP software accesses that database each time it
> needs to use the private key, the database is providing the same
> function as the old secret keyring.
>
> If my keyring and your keyring happened to be stored on the same
> server but they were separate and there was no sharing or syncing
> between them, it would not be a shared keyring.
This is what happens in my system, so it is not a shared keyring.

My system uses a customized PGP client, which acts like a special web
client. It has a client key and uses it to log into the server, which is
similar to SSH key authentication, to retrieve the private key after
authentication. It does not save the private key locally on storage
devices after decrypting it; it only keeps the private key in memory
until the session times out, when it cleans the private key from memory.
It caches public keys locally, though. In this sense, you could say
that the client has local public key rings and a remote private key ring
if you like to compare it with the GnuPG implementation.

Thanks,
Lou
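
The memory-only key handling described in the message above, as an added example that is not part of the original post or of the system it describes. The class name, the fixed session lifetime and the injected clock are assumptions; fetching and decrypting the key from the server is out of scope here.

```python
import time


class SessionExpired(Exception):
    """Raised when the key is requested after the session has timed out."""


class InMemoryPrivateKey:
    """Holds decrypted private-key bytes in RAM only, for one session.

    Hypothetical helper: the name and timeout policy are assumptions,
    not details taken from the post.
    """

    def __init__(self, key_material, timeout_s, clock=time.monotonic):
        # A bytearray is mutable, so it can be overwritten in place later.
        # The caller's own immutable bytes object cannot be scrubbed, so a
        # real client should decrypt straight into a mutable buffer.
        self._buf = bytearray(key_material)
        self._clock = clock
        self._deadline = clock() + timeout_s

    @property
    def wiped(self):
        return self._buf is None

    def wipe(self):
        """Overwrite the key bytes with zeros, then drop the buffer."""
        if self._buf is not None:
            for i in range(len(self._buf)):
                self._buf[i] = 0
            self._buf = None

    def borrow(self):
        """Return a read-only view of the key, or wipe and fail if expired."""
        if self._buf is None or self._clock() >= self._deadline:
            self.wipe()
            raise SessionExpired("session timed out; re-authenticate")
        # A view avoids making another copy of the key material in memory.
        return memoryview(self._buf).toreadonly()
```

Handing out a view instead of a copy means a view still held by the caller also reads as zeros after the wipe.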



