The way I've been doing that is with Shamir Secret Sharing and encrypting keys until glass-breaking is necessary.
generating tons of keys? or just broad keys?
What I've done is generate a cert for the host(s) the user needs, for the time-span they need (subject to authorization logic).
alt Hacker News
generating tons of keys? or just broad keys?
What I've done is generate a cert for the host(s) the user needs, for the time-span they need (subject to authorization logic).