> On 5 Jan 2018, at 08:41, Lou Wynn <lewis...@gmail.com> wrote: > > The only need for an > organization to access their data is decrypting the encrypted data, > which is satisfied by the auditing key.
The standard way of doing this without allowing for impersonation is escrow of the encryption subkey only. This can be done by encrypting the E subkey to the auditing key, the private key of which is presumably well controlled. A _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users