The good news is that Werner is very serious about good Windows support for GnuPG. He has started the gpg4win project to collect together all the Windows front ends and plugins under one installer. The bad news is that this is a work in progress.
Thomas Widhalm wrote: > I need a plugin for Outlook which support gpg/MIME and maybe inline gpg. (Not > Gdata, this didn't work out) There is a new Outlook plugin called GPGol that is part of that gpg4win project. Werner himself is writing it. It's loosely based on the old GData plugin - essentially a rewrite of it. I don't use Outlook myself (thank heavens I don't have to), so I can't tell you what the current state is. Back in September when he first announced it, it apparently worked with Outlook 2003, but not Outlook 2000. You can find it currently at: ftp://ftp.g10code.com/g10code/gpgol/ > I think it would be a good idea to create a CA. How to achieve that? How to > keep the key save? Is just one person the CA, or a bunch of people? What if > someone leaves us? What if an employee leaves, loses his email address but > still has a signature. Should we revoke it? You are mixing up questions about security policy with questions about policy implimentation. I hope I'm not stepping on any toes here, but I think I should suggest that this isn't the place to look for advice on security policy. You might get good advice - but then again, you might get the most dangerous type of advice there is: advice that sounds logical, that seems to make sense, from someone who is generally technically competant, but that has a nonobvious flaw in it that will come back to haunt you. I'll tell you right now, I'm one of those people. I'm a project manager, a good programmer, I use GnuPG and have written software for it, but I'm not a security consultant. There are ISO standards for this sort of thing - standards that specify what a computer that holds a certificate authority's keys can and can't be hooked to, who can hold the passphrases and tokens, key length, and so forth. If you really are serious and want to have a good security policy, you should talk to someone who knows these standards. > Is it possible/useful to create an own keyserver which synchronises with the > official ones? How to do that? Yes, this is possible. I can't tell you if it would be useful as that is based on your security policy and users' requirements. If the group of people who will be using the server need keys for people who don't use your server (people in the general OpenPGP community), then it would be useful. My understanding is that not all keyservers synchronize together - there are groups that synchronize with each other, but are otherwise self contained. You would have to contact the maintainers of any particular group in order to find out what their requirements are for joining. Probably the easiest way to find this out is to email the contact person for a particular server that you know is in the group you want to join. Hope this helps. Kurt. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
