Trust management model on shared mailboxes

link

crystalnet
Members 5 posts

Jan. 2, 2021, 9:35 a.m. Jan. 2, 2021, 9:35 a.m.
link

Hello everyone,
I've read about the pep trust management model which associates the pep User ID with a human, not with an email ID.
If I understand that right, this means that I can use one key for all of my email adresses (since I'm the same human). I was wondering though, how this can deal with shared mailboxes, i.e. mailboxes that not only me but also other people are fetching at their computers. I certainly don't want them to have use the same key that I use for all of my email addresses.
So I might be getting something wrong, but how does the trust management model work? And how can I use it if I have some private email adresses and some shared mailboxes on my client?
link

sva
Team 50 posts

Jan. 6, 2021, 8:01 p.m. Jan. 6, 2021, 8:01 p.m.
link

Dear crystalnet,
@crystalnet has written:
I've read about the pep trust management model which associates the pep User ID with a human, not with an email ID.
Where did you read that? Maybe we have some misleading information in our lovely chaos ;)
Cause it is exactly the opposite - its always associated with the eMail-ID! I hope that already replies to your other questions: If you have shared eMail addresses you might e.g. wanna share the fitting key among the group, too (thats how I do it in such cases). If you have personal emails in the same client, you keep those with your own (not-shared) key safe.
link

fdik
Team 5 posts

Jan. 6, 2021, 8:15 p.m. Jan. 6, 2021, 8:15 p.m.
link

@crystalnet has written:
I've read about the pep trust management model which associates the pep User ID with a human, not with an email ID.
If I understand that right, this means that I can use one key for all of my email adresses (since I'm the same human).
While you can use one key for all email addresses, this is not the default. pEp is generating one key per identity, which for email means for each email address you'll get one key.
link

crystalnet
Members 5 posts

Jan. 7, 2021, 12:21 p.m. Jan. 7, 2021, 12:21 p.m.
link

I read it here in the FAQs: www.pep.security/en/faq/
under "What is p≡p’s Trust Management model? " it says
Quoted message:
So p≡p’s Trust Management model is very different from OpenPGP (where the User ID is associated with an email ID) and the p≡p user can use the same key on all of their channels as p≡p (rightly) just thinks of their accounts as different ways that this same human being appears on the internet.
link

fdik
Team 5 posts

Jan. 7, 2021, 1:03 p.m. Jan. 7, 2021, 1:03 p.m.
link

@crystalnet has written:
I read it here in the FAQs: www.pep.security/en/faq/
under "What is p≡p’s Trust Management model? " it says
Quoted message:
So p≡p’s Trust Management model is very different from OpenPGP (where the User ID is associated with an email ID) and the p≡p user can use the same key on all of their channels as p≡p (rightly) just thinks of their accounts as different ways that this same human being appears on the internet.
Actually, a pEp user can use the same key on all channels, but this is not the default. pEp is creating one key per channel by default. If one key for all channels should be used a pEp user can import the same key for each of the identities. Then this key will be used for all channels.

crystalnet likes this.

favorite 1