Re: Choose signing key



Am 02.08.08 15:13 schrieb(en) Bruno Miguel:
What I'm writing about is levels of trust.

Why is the standard GnuPG trust level management not sufficient for you in this case? I must admit that Balsa's trust level management could be improved, though. If you have any ideas, they would be welcome!

I'm helping some projects and want to sign the emails I send to those addresses with a specific key I don't want to share with all the other addresses. Also, to some other addresses, I'll want to sign with other key. Different keys with the same email = different levels of trust,

O.k., so you have multiple keys with the same e-mail address in the uid, and you have multiple identities in Balsa, all with the same sender e-mail address, but for different purposes? And now, when you send a message, you always get a dialogue to choose the key, right?

I simply could fix that by adding a text entry in the identities where you can *force* a specific key by entering it's key id (most users would leave it empty, though, to let Balsa choose it automatically). Would this be a solution for your requirements?

so I can also encrypt some emails that only a small amount of people will be able to decrypt.
^^^^^^^ Again: decryption is *only* related to *encrypted* messages. IOW, you may send messages without signing them, but still with encryption for the recipients. Such messages con only be read by the real recipients, but they cannot prove your identity. Any signature does *not* improve privacy.

If you have multiple keys for the recipient(s), you again will see the dialogue to choose the right (public) key. However, as long as the recipients didn't distribute their private ones, one key will be as good as any other...

If you need really high security, I suggest you and your colleagues to get OpenPGP smartcards. Those are a *real* security improvement [1, 2].

Cheers,
Albrecht.


[1] <http://www.g10code.com/p-card.html>
[2] <http://www.gnupg.org/howtos/card-howto/en/smartcard-howto.html>

Attachment: pgpbESSZLN8dn.pgp
Description: PGP signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]