* Karl Voit <[EMAIL PROTECTED]> wrote:
>
> I want to establish secure email communication in our company
> (Windows, Outlook, gpg4win). I do not want to maintain a keyserver
> by myself.
>
> My attempt: every employee generates his own keypair and exports the
> public key to a keyserver. I as the admin downloads his key from the
> server, compares the ID with the employee and signs the key with the
> "central company key".
>
> Any communication partner can check, wether the key of the employee
> was signed by our official "company key" which is downloadable from
> our web site.
>
> So far so good - I think.
>
> But: what if an employee quits the company? Can I revoke the
> signature? WinPT (as a key management frontend) does not seem to
> provide this feature.
I just found out that WinPT does not provide all options that gpg
(command line version) provides :-(
So my current attempt is: the employee has to add the company key as
a revoker and then export it to the keyserver. So the company key is
able to revoke any employees key.
This seems to be a clean attempt for me now.
Any suggestions?
--
Karl Voit
[X] expressive subjects NOW!
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
