
I would like to create for myself an offline main key with three subkeys.

  1. for signing
  2. for encryption on standard computer which I hope to be able to secure better
  3. for encryption (and consequently decryption) on mobile devices

The point here is that mobile devices are clearly harder to secure. This is also the reason I wouldn't want to sign on the mobile device or devices, and I don't expect others in my WoT to sign them with the same trust level necessarily.

Having established that scenario and resolved the technical issues in key creation, the main question now is: are there any ways of ensuring that the sender of an encrypted mail will send it to both encryption subkeys at once, or is this implied by having a single offline main key?


It's up to the PGP implementation which key it will use. I think that GPG will select the latest key and encrypt with only that key. The gateway application that we have developed will encrypt with both keys.

Although I understand your thinking of having two separate keys, it does not really give you a lot of extra protection. Let's assume that all email gets encrypted with both keys: if the attacker has the key from the mobile device, the attacker can also decrypt the email stored on your standard computer, since it's also encrypted with the mobile key. The only benefit of having two keys is that you can revoke the mobile key without having to revoke the standard key.

  • Thanks for your time. The latest key of what (1st paragraph)? I can select recipients explicitly, thereby encrypting against several public keys. All I am asking is how I can set this as a "policy" or through technical means so that I don't have to tell everybody: "please always encrypt against these two public keys". I can select policies for other traits, too. And the benefit (second paragraph) is exactly what I am looking for. But you have a point in that this is a rather slim advantage. Commented Jul 8, 2014 at 13:19
  • It's up to the PGP client to decide what to do if there are multiple keys that are valid. I think GPG will use just one key and will probably select the most recent generated. You cannot force an external client to use both keys unfortunately. Commented Jul 8, 2014 at 13:26
  • So the public key belonging to the offline main key doesn't solve the problem either? Meaning, when I encrypt, I always encrypt against the subkey, never against the main key ...? Commented Jul 8, 2014 at 14:09
  • According to this recent thread, GPG uses the most recent key, but other applications can do this differently. Commented Jul 8, 2014 at 14:32
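Added example, not part of the question or the answer: a small Python script that parses a recipient's key listing in GnuPG's machine-readable `--with-colons` format, shows which encryption subkeys gpg would consider, which single one it picks by default (the newest usable one, as the answer says), and how a sender could address every encryption subkey explicitly using gpg's `!` key-ID suffix. The listing, key IDs, timestamps and the fixed "current time" are constructed for the example.

```python
"""Inspect a recipient's GnuPG key listing for encryption subkeys.

CONSTRUCTED_LISTING mimics `gpg --list-keys --with-colons <keyid>`. Relevant
fields (0-based after split on ':'): 0=record type, 1=validity (e=expired,
r=revoked, d=disabled, i=invalid), 4=key ID, 5=creation time (epoch),
6=expiration time, 11=capabilities (e=encrypt, s=sign, c=certify).
"""

# Constructed: an offline certify-only primary with a signing subkey and three
# encryption subkeys, one of which has already expired.
CONSTRUCTED_LISTING = """\
pub:u:4096:1:0123456789ABCDEF:1400000000::::::cESC::::::23::0:
sub:u:4096:1:1111111111111111:1400000100::::::s::::::23:
sub:u:4096:1:2222222222222222:1400000200::::::e::::::23:
sub:u:4096:1:3333333333333333:1400000300::::::e::::::23:
sub:e:4096:1:4444444444444444:1400000400:1420000000:::::e::::::23:
"""
NOW = 1450000000  # constructed "current time" so the example is deterministic


def parse_subkeys(listing):
    """Return the 'sub' records as dicts; the primary key is not used to encrypt."""
    subkeys = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] != "sub":
            continue
        subkeys.append({"keyid": f[4], "validity": f[1], "created": int(f[5]),
                        "expires": int(f[6]) if f[6] else None, "caps": f[11]})
    return subkeys


def usable_encryption_subkeys(subkeys, now):
    """Subkeys gpg could encrypt to: encrypt-capable and not revoked/expired/disabled."""
    return [k for k in subkeys
            if "e" in k["caps"]
            and k["validity"] not in ("r", "e", "d", "i")
            and (k["expires"] is None or k["expires"] > now)]


def default_encryption_subkey(subkeys, now):
    """gpg's default: the most recently created usable encryption subkey.
    Any other encryption subkey of the recipient is silently left out."""
    usable = usable_encryption_subkeys(subkeys, now)
    return max(usable, key=lambda k: k["created"])["keyid"] if usable else None


def encrypt_to_all_command(subkeys, now, message="mail.txt"):
    """Sender-side workaround: list every usable encryption subkey as a recipient.
    A trailing '!' on a key ID makes gpg use exactly that subkey."""
    recipients = " ".join(f"-r {k['keyid']}!"
                          for k in usable_encryption_subkeys(subkeys, now))
    return f"gpg --encrypt {recipients} {message}"


if __name__ == "__main__":
    subs = parse_subkeys(CONSTRUCTED_LISTING)
    print("default subkey:", default_encryption_subkey(subs, NOW))
    print("explicit command:", encrypt_to_all_command(subs, NOW))
```

The script only reasons about a listing; nothing here can make a remote sender's client behave this way, which is the limitation the answer describes.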
