PGP 8.0 User’s Guide

Rejoining split keys

Once a key is split among multiple shareholders, attempting to sign or decrypt with it will cause PGP to automatically attempt to rejoin the key. There are two ways to rejoin the key: locally and remotely.

Rejoining key shares locally requires the shareholders’ presence at the rejoining computer. Each shareholder is required to enter the passphrase for their key share.

Rejoining key shares remotely requires the remote shareholders to authenticate and decrypt their keys before sending them over the network. PGP’s Transport Layer Security (TLS) provides a secure link to transmit key shares, which allows multiple individuals in distant locations to securely sign or decrypt with their key share.

Caution: Before receiving key shares over the network, you should verify each shareholder’s fingerprint and sign their public key to ensure that their authenticating key is legitimate.

To rejoin a split key:

1. Contact each shareholder of the split key. To rejoin key shares locally, the shareholders of the key must be present. To collect key shares over the network, ensure that the remote shareholders have PGP installed and are prepared to send their key share file.
   Remote shareholders must have:
   – their key share files and passwords
   – a keypair (for authentication to the computer that is collecting the key shares)
   – a network connection
   – the IP address or Domain Name of the computer that is collecting the key shares
2. At the rejoining computer, use Windows Explorer to select the file(s) that you want to sign or decrypt with the split key.
3. Right-click on the file(s) and select Sign or Decrypt from the PGP menu. The PGP Enter Passphrase for Selected Key screen appears with the split key selected.
4. Click OK to reconstitute the selected key.
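The remote rejoining rule and the caution above, as an added example that is not from the guide and is not PGP's own code: a collector counts a share only when the sender's authenticating key fingerprint was verified beforehand, and reconstitutes the secret once enough shares arrive. Shamir secret sharing over a prime field, the threshold parameter, and all function names, fingerprints and values are assumptions made for illustration.

```python
import secrets

PRIME = 2**127 - 1  # field modulus for this toy scheme (assumption)

def split(secret, threshold, count):
    """Shamir split: points on a random polynomial of degree threshold-1."""
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    def f(x):
        return sum(c * pow(x, i, PRIME) for i, c in enumerate(coeffs)) % PRIME
    return [(x, f(x)) for x in range(1, count + 1)]

def rejoin(points):
    """Lagrange interpolation at x=0 over exactly `threshold` distinct points."""
    secret = 0
    for xj, yj in points:
        num = den = 1
        for xm, _ in points:
            if xm != xj:
                num = num * (-xm) % PRIME
                den = den * (xj - xm) % PRIME
        secret = (secret + yj * num * pow(den, -1, PRIME)) % PRIME
    return secret

def normalize(fingerprint):
    """Compare fingerprints without regard to spacing or letter case."""
    return "".join(fingerprint.split()).upper()

def collect(submissions, verified_fingerprints, threshold):
    """Return (secret or None, rejected senders).

    A share counts only if the sender's authenticating key fingerprint was
    verified beforehand; duplicate share indexes are counted once.
    """
    trusted = {normalize(fp) for fp in verified_fingerprints}
    accepted, rejected = {}, []
    for sender_fp, (x, y) in submissions:
        if normalize(sender_fp) in trusted:
            accepted.setdefault(x, y)
        else:
            rejected.append(sender_fp)
    if len(accepted) < threshold:
        return None, rejected
    return rejoin(list(accepted.items())[:threshold]), rejected

# Constructed sample data: these fingerprints are made up for the example.
ALICE = "AAAA 1111 BBBB 2222 CCCC 3333 DDDD 4444 EEEE 5555"
CAROL = "cccc 9999 dddd 8888 eeee 7777 ffff 6666 0000 1234"
UNKNOWN = "DEAD BEEF DEAD BEEF DEAD BEEF DEAD BEEF DEAD BEEF"
```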