Some points to consider: Regardless of whether or not the company signing key has signed or revoked its signature on the user's signing key, it is ultimately up to the employee to trust or not trust the other employee's key(s). This is one of the beautiful points of PGP/GPG - there is no third party to dictate whose keys you can trust or not trust. That trust decision is solely up to the user.
Please, no one flame me, but it is worth looking at S/MIME and PGP for this issue. Yes, on a purely technical level, we are talking about the same cryptographic algorithms. The difference between S/MIME and PGP, as I understand it, is mainly semantics involving the trust relationships. In S/MIME, a third party dictates to you what is to be trusted or untrusted. In contrast, under PGP the user defines what is to be trusted or not.

I'm very interested in this thread, as I'm not clear as to how you could create policies (at least ones that can be enforced) to control trust relationships in a company. This seems to be more a question of office politics than secure email technology. In a small company, this could certainly be handled. Mention the issue at the regular staff meetings, and it remains the user's responsibility to revoke trust in that keypair. By the same token - good luck to you in implementing this if you are referring to a larger company. If you create scripts or otherwise to force employees to check their keyring against some central corporate keyserver, please share. I hope your users are savvy enough to understand what they are doing. If that is the case, so much the better for you, lucky dog!

Karl Voit wrote:
> * Karl Voit <[EMAIL PROTECTED]> wrote:
>>
>> I want to establish secure email communication in our company
>> (Windows, Outlook, gpg4win). I do not want to maintain a keyserver
>> by myself.
>>
>> My attempt: every employee generates his own keypair and exports the
>> public key to a keyserver. I, as the admin, download his key from the
>> server, compare the ID with the employee and sign the key with the
>> "central company key".
>>
>> Any communication partner can check whether the key of the employee
>> was signed by our official "company key", which is downloadable from
>> our web site.
>>
>> So far so good - I think.
>>
>> But: what if an employee quits the company? Can I revoke the
>> signature? WinPT (as a key management frontend) does not seem to
>> provide this feature.
>
> I just found out that WinPT does not provide all options that gpg
> (command line version) provides :-(
>
> So my current attempt is: the employee has to add the company key as
> a revoker and then export it to the keyserver. So the company key is
> able to revoke any employee's key.
>
> This seems to be a clean attempt for me now.
>
> Any suggestions?
>
> --
> Karl Voit
> [X] expressive
> subjects NOW!
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users