[Gnuk-users] Storing Certification Key on Gnuk?
Jonathan Schleifer
js-gnuk-users at webkeks.org
Fri Feb 13 21:04:03 UTC 2015
Hi,
I'm wondering if it's somehow possible to store the certification key on the Gnuk when there's separate keys for certification and signing? The reason I ask is that the certification key is needed to sign other keys, which means you always have to go back to a secure environment where you can sign it, where the big problem is how to get the key onto it and off of it again without connecting it to the internet (which would make it an untrusted environment).
My current solution would be: Boot the secure environment, replace the signing key on the Gnuk with the certify key, go back to the machine where you want to sign a key, then go back to the secure environment and replace the certify key with a signing key. Is there any better way to do this?
--
Jonathan
More information about the gnuk-users
mailing list