ok, just to clarify; my original question boils down to being able to generate a signing key using a subkey.

I guess there should be an arbitrary hard limit on the number of sub-subkeys. Aside from this, the validation algorithm should be made recursive, up to the hard limit. Would it be possible to use the GnuPG code to create a fork, and add this kind of behaviour?

2017-09-09 0:50 GMT+02:00 lesto fante <lestofant...@gmail.com>:
> Hello,
>
> Maybe this is not the right place to discuss this, please be
> kind with a noob.
>
> My use case is simple: maintain my identity even if my master key is
> compromised. To achieve that, I am thinking about a multilevel subkey
> system.
> Please, I would love to hear any alternative.
> For the purpose of the discussion, we don't talk about HOW revocations and public
> keys are exchanged between peers; it could be with an existing key server,
> or another way.
>
> I would like to set up a system that is relatively secure, but with no hassle
> for everyday use.
>
> The idea is the following:
> A level 1 key, kept very safe (hw or paper wallet). This key
> represents the identity and is hopefully used only once, to generate one
> subkey "level 2".
>
> The subkey level 2 is saved on one (or more, but trusted) main device.
> This key will be used to generate its own subkeys (level 3); those
> subkeys are used for various applications and distributed between devices
> using relatively unsafe methods; losing, revoking or issuing a new key
> for a new application should be easy and transparent for the user.
>
> The idea is that the level 2 key is used for most of the normal
> operations, even in case one or more level 3 keys are compromised;
> please remember that all the keys just represent the identity of the
> level 1 key.
>
> This is very similar to the chain of trust with certificates.
>
> Now the nice thing: I guess most people will use their phone to
> keep the level 2 key, but we know those are not the most secure things,
> especially when they get old or with some producers allergic to patching.
>
> In the unlucky case the level 2 key gets compromised, the user can use
> the level 1 key to:
> 1. revoke the level 2 key. This of course will automatically revoke
> the level 3 keys that are direct subkeys of that level 2 key.
>
> 2. issue a new level 2 key. At this point the main device will issue
> new level 3 keys to replace all the keys revoked in the step above.
>
> Please note a user could have multiple level 2 keys active; this could
> be for different reasons, like updating to a different algorithm still
> not fully supported.
>
> Lesto
>
> ps. is anyone aware of some kind of P2P system to share keys?
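The multilevel scheme and the recursive, depth-limited validation discussed in this thread, as an added illustration (not code from the thread or from GnuPG): binding signatures are stood in for by a recorded parent link, and the `Keyring` class, `MAX_DEPTH` and the key ids are assumptions.

```python
from dataclasses import dataclass
from typing import Dict, Optional

# Added illustration, not GnuPG code: the binding signature of a subkey is
# modelled as a recorded parent link; MAX_DEPTH is the arbitrary hard limit.
MAX_DEPTH = 3  # level 1 = master, 2 = subkey, 3 = sub-subkey

@dataclass
class Key:
    kid: str
    parent: Optional[str]  # None for the level 1 (master) key
    level: int
    revoked: bool = False

class Keyring:
    def __init__(self) -> None:
        self.keys: Dict[str, Key] = {}
    def add_master(self, kid: str) -> None:
        self.keys[kid] = Key(kid, None, 1)
    def issue_subkey(self, parent_kid: str, kid: str) -> bool:
        """Bind kid under parent_kid unless the parent is revoked or at the limit."""
        p = self.keys[parent_kid]
        if p.revoked or p.level >= MAX_DEPTH:
            return False
        self.keys[kid] = Key(kid, parent_kid, p.level + 1)
        return True
    def revoke(self, kid: str) -> None:
        # Descendants stay on the keyring; they now fail is_valid() via the chain.
        self.keys[kid].revoked = True
    def is_valid(self, kid: str, _hops: int = 1) -> bool:
        """Recursive chain check: every link to the master unrevoked, within MAX_DEPTH."""
        k = self.keys.get(kid)
        if k is None or k.revoked or _hops > MAX_DEPTH:
            return False
        return True if k.parent is None else self.is_valid(k.parent, _hops + 1)

def scenario() -> dict:
    """Constructed run of the thread's flow: L2 compromised, revoked, re-issued."""
    kr = Keyring()
    kr.add_master("L1")
    kr.issue_subkey("L1", "L2a")
    kr.issue_subkey("L2a", "L3-mail")
    before = kr.is_valid("L3-mail")
    kr.revoke("L2a")                    # step 1: master revokes the level 2 key
    kr.issue_subkey("L1", "L2b")        # step 2: master issues a fresh level 2
    kr.issue_subkey("L2b", "L3-mail2")  # main device re-issues its level 3 keys
    return {"before": before, "old_l3": kr.is_valid("L3-mail"),
            "new_l3": kr.is_valid("L3-mail2"), "master": kr.is_valid("L1"),
            "too_deep": kr.issue_subkey("L3-mail2", "L4")}
```

Revoking the level 2 key invalidates its level 3 keys without touching them individually, and a fourth level is refused by the hard limit.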
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users