Rationale/reasons for splitting Sign and Authenticate into two separate subkeys in a work-environment?

Dirk-Willem van Gulik dirkx at webweaving.org
Tue Dec 22 14:54:40 CET 2020


On 22 Dec 2020, at 13:31, Christian Chavez via Gnupg-users <gnupg-users at gnupg.org> wrote:

> My question is based on this awesome answer by Thomas Pornin: https://security.stackexchange.com/a/43591 <https://security.stackexchange.com/a/43591>;
> In a work-environment, what benefits does one gain by having separate Authentication/Signing (sub)keys?
> 
> I understand and agree with the rationale of keeping a separate Encryption key (so that this could be shared with your employer), but that rationale does not extend for Signing/Authenticating (presuming a trustworthy workplace which doesn't need to fake authentication/signing of employees).

Keep in mind that in some workplaces the building of that trust explicitly includes the need for counter-intelligence - and hence a legitimate use of fake signatures.

Though I have a hard time imagining a use case in the european private sector for that.

Dw.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20201222/a2a258bd/attachment.html>


More information about the Gnupg-users mailing list