koorg
commented
2 years ago Hi, this would be a major feature... I don't understand this does not have more votes
The issue with nearly ALL vault/encryption solutions to be used by a team, is that key must be shared.
Thus, you have all of the following :
- a key management problem
- a key distribution problem
- a key revokation problem when someone leaves the team
Having the ability to enroll multiple separate and independant key sources, that encrypts for the same data without requiring to store N times the same data (each encrypted with a different key), would be the killer feature.
I know it's a very hard problem, and I don't know how to solve it, but I can tell you it would be a killer...
deutschem1
rfjakob
Use case is mainly as a safety net (backup fido2 device), but could be used for multiple user access.
I figure this could be based on a k in n shared secret algorithm like shamir secret sharing. for a start, it would also require to allow multiple entries in the .conf file.