I tend to disagree. Technically this will add much complexity and then likely harm system scalability. As mentioned in OP, make it as simple as possible. When active key is required for posting-related stuff, risk of being compromised will increase.
You are viewing a single comment's thread from:
I think reverting recent edits can be done just as well with the posting key. The use case here is a compromised account that is then recovered by the owner (or possibly other use cases such as an author who just messed up editing the post and wants to "Undo"). After recovering the hacked account the posting key would have been changed, and then the reverts can be done using the new posting key.
The active key would be for a switch only. Not for making the edits themselves. On the web, the switch can be on a more secure page where there isn't any user-modifiable content.