Have a server with a master key that decrypts incoming mail, re-encrypts with board members' individual subkeys?
If it *has* to be the same email account, does it support IMAP? If so, IMAP behaves like a folder; you can take stuff out, and put it back in again. A Python script could be written to scan over new mail, remove "master key" mail and deposit "subkey-re-encrypted" mail. When members access the mail, it will usually have been accessed, re-encrypted and replaced with one they can decrypt. If not, they'll have to wait a few minutes and try again. On Thu, 10 Oct 2013 17:38:00 +0200 Tomas Overdrive Petru <[email protected]> wrote: > Hi all, > > may I have a question? > > I need to manage key for encrypt/sign of [not-only] e-mail > communication for group of peoplewhich is partially dynamic. > Basically it is some elected administrative board. > > My ideawas to create some master key than subkeys and in case subkeys > are revoced [member of admin-board was not elected,whole admin-board > is re-elected etc.]. > > Problem is, that all of the members are using same email e.g. > [email protected] > > As soon as member should not be able to read this email, his key > should be disallowed to decrypt messages on this email. > > Can I ask for some HowTo or just correct my point of view, because it > seems definitely wrong. > > Thx, > ~ Over >
signature.asc
Description: PGP signature
