Re: [tlug] Managing PGP keys on multiple machines
- Date: Mon, 23 Jun 2008 09:42:40 +0900
- From: Curt Sampson <cjs@example.com>
- Subject: Re: [tlug] Managing PGP keys on multiple machines
- References: <20080519163721.5d61f5e3@sumo> <87od70yydy.fsf@piyo.tok.corp.google.com> <20080531030447.GE5564@lucky.cynic.net> <874p7l4o84.fsf@piyo.tok.corp.google.com>
- User-agent: Mutt/1.5.17 (2007-11-01)
 
On 2008-06-22 22:02 +0900 (Sun), David Smith wrote:
> Curt Sampson <cjs@example.com> writes:
> 
> > I've been [changing encryption subkeys] for a while (I'm now on
> > my fifth yearly encryption subkey), and the only real issue I've
> > had is every year having to go around and find all the places
> > that automated systems are encrypting things for me to update the
> > keyring. (E.g., most servers that send their backups to Starling's
> > central backup server encrypt the data with my key, amongst others.)
> ...
> Regarding your particular issue, I suggest not using your personal key
> in automated systems. Would having a 'role keypair' increase your
> workflow too much?
That's actually going in quite the wrong direction.
1. It doesn't help at all with the changing keys issue, since whether I
expire my personal encryption key or some role's encryption key, either
way I have to go back and find all of the places it's being used.
2. It gives me another key to manage, which increases complexity and
reduces security.
> If your job, like backups, doesn't care about the signatures on
> the key, then a role keypair sounds like a better fit. I can describe
> how this works in practice in detail if you like but I feel that the
> term is pretty self-explanatory.
Actually, if you could explain what the advantages are, I'd appreciate
it. I really don't see them.
Incidentally, using signed keys does provide some additional security; it
allows me to be able to check that the keys a server is using are the
correct ones, and haven't been substituted in some way.
cjs
-- 
Curt Sampson       <cjs@example.com>        +81 90 7737 2974   
Mobile sites and software consulting: http://www.starling-software.com
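The two practical problems raised in this thread, finding every keyring that still encrypts to an encryption subkey that has since been rolled, and checking that the keys a server encrypts to are the expected ones rather than substituted copies, can both be audited from one place. The script below is an added example, not code from the thread's participants or from GnuPG: it parses the machine-readable output of `gpg --with-colons --with-fingerprint --list-keys` (the record layout is documented in GnuPG's doc/DETAILS) and reports keys whose primary fingerprint is not on an allowlist, encryption subkeys that are expired or revoked, and subkeys about to expire. The listing, the fingerprints, the key IDs and the reference time are all constructed for the example; a real run would feed in a listing captured on each server and use the current time.

```python
"""Audit a GnuPG keyring listing for the encryption keys a server is allowed to use.

Input is the output of `gpg --with-colons --with-fingerprint --list-keys` captured on
the server (assumed to have been collected beforehand). Reported:
  * keys whose primary fingerprint is not on a known-good allowlist (possible substitution)
  * encryption subkeys that are expired or revoked (data encrypted to them will fail)
  * encryption subkeys expiring within a warning window (time to roll the keyring)
"""
from datetime import datetime, timezone

# Constructed sample listing (not real keys): two primary keys with their subkeys.
SAMPLE_LISTING = """\
pub:u:4096:1:1234567890ABCDEF:1200000000:::u:::scESC::::::::
fpr:::::::::ABCD1234ABCD1234ABCD1234ABCD1234ABCD1234:
uid:u::::1200000000::0123456789ABCDEF0123456789ABCDEF01234567::Example Admin <admin@example.com>::::::::::0:
sub:u:4096:1:FEDCBA0987654321:1214000000:1245536000:::::e::::::23:
fpr:::::::::1111222233334444555566667777888899990000:
sub:u:4096:1:7777888899990000:1183000000:1215000000:::::e::::::23:
fpr:::::::::2222333344445555666677778888999900001111:
sub:e:4096:1:0011223344556677:1180000000:1211536000:::::e::::::23:
fpr:::::::::AAAABBBBCCCCDDDDEEEEFFFF0000111122223333:
pub:-:2048:1:0F0F0F0F0F0F0F0F:1213000000:::-:::scESC::::::::
fpr:::::::::9999999999999999999999999999999999999999:
uid:-::::1213000000::FEDCBA9876543210FEDCBA9876543210FEDCBA98::Unknown Sender <nobody@example.net>::::::::::0:
sub:-:2048:1:1A1A1A1A1A1A1A1A:1213000000:1245536000:::::e::::::23:
fpr:::::::::3333444455556666777788889999000011112222:
"""

# Primary-key fingerprints this server is permitted to encrypt to (constructed allowlist).
EXPECTED_FINGERPRINTS = {"ABCD1234ABCD1234ABCD1234ABCD1234ABCD1234"}

# Reference "now" for the sample: 2008-06-23 00:00 UTC, the date of the thread.
# A real run would use time.time().
NOW = 1214179200


def parse_date(field):
    """Return a Unix timestamp, or None for 'never expires'.
    GnuPG emits seconds since the epoch (2.x) or YYYY-MM-DD (1.4); empty means no expiry."""
    if field in ("", "0"):
        return None
    if field.isdigit():
        return int(field)
    return int(datetime.strptime(field, "%Y-%m-%d").replace(tzinfo=timezone.utc).timestamp())


def parse_listing(text):
    """Parse --with-colons records into primary keys, each carrying its subkeys and user IDs.
    Field numbers (1-based, per doc/DETAILS): 2 validity, 5 key ID, 6 created, 7 expires,
    10 user ID (uid records) or fingerprint (fpr records), 12 capabilities."""
    keys, current = [], None
    for line in text.splitlines():
        f = line.split(":")
        rec = f[0]
        if rec in ("pub", "sub"):
            entry = {"keyid": f[4], "validity": f[1], "created": parse_date(f[5]),
                     "expires": parse_date(f[6]), "caps": f[11], "fingerprint": ""}
            if rec == "pub":
                entry["uids"], entry["subkeys"] = [], []
                keys.append(entry)
            else:
                keys[-1]["subkeys"].append(entry)
            current = entry  # the next fpr record belongs to this key or subkey
        elif rec == "fpr" and current is not None:
            current["fingerprint"] = f[9]
        elif rec == "uid" and keys:
            keys[-1]["uids"].append(f[9])
    return keys


def audit(text, expected_fprs, now, warn_days=30):
    """Classify every primary key and every encryption-capable subkey in the listing."""
    report = {"unexpected_keys": [], "usable_encryption": [],
              "expiring_soon": [], "expired_or_revoked": []}
    window = warn_days * 86400
    for key in parse_listing(text):
        if key["fingerprint"] not in expected_fprs:
            # Not on the allowlist: treat as a possible substitution and do not encrypt to it.
            report["unexpected_keys"].append(key["keyid"])
            continue
        for sub in key["subkeys"]:
            if "e" not in sub["caps"].lower():
                continue  # signing- or authentication-only subkeys do not matter here
            exp = sub["expires"]
            if sub["validity"] in ("e", "r") or (exp is not None and exp <= now):
                report["expired_or_revoked"].append(sub["keyid"])
            elif exp is not None and exp - now <= window:
                report["expiring_soon"].append(sub["keyid"])
            else:
                report["usable_encryption"].append(sub["keyid"])
    return report


if __name__ == "__main__":
    for category, keyids in audit(SAMPLE_LISTING, EXPECTED_FINGERPRINTS, NOW).items():
        print(f"{category}: {', '.join(keyids) or '-'}")
```

Run against the sample, the report lists the unknown key 0F0F0F0F0F0F0F0F as unexpected, the current yearly subkey as usable, one subkey as expiring within 30 days and the previous year's subkey as expired. Comparing primary fingerprints rather than key IDs is deliberate: the fingerprint is what a signature on the key certifies, so an allowlist of fingerprints is the check described above for keys that "haven't been substituted in some way". Running this over the listing from each server that encrypts backups turns the yearly hunt for stale keyrings into one report.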