Multiple UIDs or multiple master keys?

Phil Pennock gnupg-users at spodhuis.org
Wed Jul 15 03:48:47 CEST 2020


On 2020-07-14 at 00:48 +0000, Philihp Busby via Gnupg-users wrote:
> 2: What benefits benefits are there to having separate master keys for
>    personal and professional use? Outside of not wanting the
>    identities linked, because I am not yet famous enough for that.

When the day comes that I get sucked into a legal discovery motion
through my employer and they start demanding private keys, I don't want
to have to rely upon the patience of my side's counsel to explain that
--show-session-key/--override-session-key will do just fine.

I want to be able to roll work keys, re-encrypt what needs to be
re-encrypted, and after I lose the argument about --show-session-key,
minimize the damage.

Don't cross the streams.  Don't use private email for work purposes.
Avoid handling sensitive personal stuff on work email addresses.  Don't
use keys which are "yours" in a context where someone with the power to
get you fired can start arguments because you're not cooperating.  Don't
use a key "owned" by a legal entity to secure personal communications or
secrets.

It's not really hard to have two keys and keep them separate.  And of
course if you're only using a computer which is the property of your
employer, you've read the corporate handbook and other documents
explaining what they own and don't own before letting such a device have
access to your personal keys.

None of this is about the cryptography of one key or two keys.  All of
this is around the social and legal constructs within which any keys get
used.

-Phil



More information about the Gnupg-users mailing list