I've been thinking about the concept of encrypting information with multiple public keys. It seems that to decrypt this information it would require the use the private keys paired with all the public keys used during encryption. Though that would be desirable behavior in certain situations, it does not seem to be useful in this specific application. Can someone offer a clarification?
I see a lot of benefit to being able to encrypt information that is decryptable by multiple parties without them jointly sharing a secret, but I can not see how this would be possible. I have read some of the documentation about GnuPG and haven't found any mention of this functionality. I even skimmed the RFC. Would someone explain it to me? I read about subkeys, but it appears from the documentation that subkeys are used mostly to allow revocation without losing trust signatures on the primary key. Can a primary key decrypt items encrypted with a subkey? How could that be possible? Thanks in advance for any clarifications or helpful URLs offered. Richard Esplin On Monday 18 July 2005 16:11, Chris Carey wrote: <snip> > GnuPG-key encrypted means that a filesystem key (which > is just a long line > of random characters) is encrypted with GnuPG, > possibly with more than one > person's public key <snip> > An employee can change his GnuPG > passphrase at any time, get hit by a bus, and drop > dead. Corporate IT > department dudes can still use their private key to > mount the partition. <snip> .===================================. | This has been a P.L.U.G. mailing. | | Don't Fear the Penguin. | | IRC: #utah at irc.freenode.net | `==================================='
