On Wed, May 23, 2001 at 09:02:34AM +0100, kevin lyda wrote:
> On Wed, May 23, 2001 at 12:58:06AM +0100, Niall O Broin wrote:
> > What do you mean exactly ? Is this a bit like the captain and the XO on the
> > submarine with the keys to the nuclear missile launcher i.e. do two people
> > have to agree to decrypt ? If so, who gets to get the plain text ?
>> the two people sitting at the terminal. the files in question contain
> valuable data, and it would seem wise to me to offer some security in
> handling them. not just for the people you purchased the files, but
> for those that handle them on their behalf.
OK - so it is just like the captain and the XO on the submarine. The famous
Niall O Broin instant analysis (TM, Copyright) indicates that what is
needed here is not multiple keys, but multiple passphrases i.e. when a key
is generated not just one passphrase is asked for, but an option to enter n
passphrases and an m, which is the number of passphrases required to decode.
There you go - a requirements spec. in a couple of lines. Functional specs.,
coding, testing etc. are left as exercises for the reader :-)
> and while it's quite complex technically, it's thanks to the scenario
> you describe that it's easy to ask for.
I know buggery about the internals of gpg BUT it certainly sounds a little
complex, alright.
Niall
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
