From 119827fd4567cd51f450dda37c3ef9600ed62979 Mon Sep 17 00:00:00 2001
From: bnewbold <bnewbold@robocracy.org>
Date: Thu, 19 Jul 2012 23:00:07 -0400
Subject: backup

---
 security.page | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'security.page')

diff --git a/security.page b/security.page
index dea8a2e..81bed52 100644
--- a/security.page
+++ b/security.page
@@ -13,3 +13,11 @@ XSS attack to back out geo location of router: <http://samy.pl/mapxss/>
 [Tripphrases](http://worrydream.com/tripphrase/)
 
 plan9 security: [Factotum](http://doc.cat-v.org/plan_9/4th_edition/papers/auth)
+
+Users should probably have a single "root" GPG key for every distinct
+identity/persona that they present to the external world, and then generate
+subkeys for use with each host/device and external service. This allows more
+fine grained control over revokation and access control (eg, if a device is
+lost then suspend/revoke that key). An API or tools to help distribute
+certificates, signing information, and revokations would be helpful.
+
-- 
cgit v1.2.3