[GnuPG] : Question - collective entity key management
Cathal Garvey
cathalgarvey at cathalgarvey.me
Thu Oct 10 09:01:18 PDT 2013
Have a server with a master key that decrypts incoming mail,
re-encrypts with board members' individual subkeys?
If it *has* to be the same email account, does it support IMAP? If so,
IMAP behaves like a folder; you can take stuff out, and put it back in
again. A Python script could be written to scan over new mail, remove
"master key" mail and deposit "subkey-re-encrypted" mail. When members
access the mail, it will usually have been accessed, re-encrypted and
replaced with one they can decrypt. If not, they'll have to wait a few
minutes and try again.
On Thu, 10 Oct 2013 17:38:00 +0200
Tomas Overdrive Petru <tpetru at gmail.com> wrote:
> Hi all,
>
> may I have a question?
>
> I need to manage key for encrypt/sign of [not-only] e-mail
> communication for group of peoplewhich is partially dynamic.
> Basically it is some elected administrative board.
>
> My ideawas to create some master key than subkeys and in case subkeys
> are revoced [member of admin-board was not elected,whole admin-board
> is re-elected etc.].
>
> Problem is, that all of the members are using same email e.g.
> member at board.eg
>
> As soon as member should not be able to read this email, his key
> should be disallowed to decrypt messages on this email.
>
> Can I ask for some HowTo or just correct my point of view, because it
> seems definitely wrong.
>
> Thx,
> ~ Over
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/testlist/attachments/20131010/1255029b/attachment.sig>
More information about the Testlist
mailing list