Re: How to establish a company web-of-trust

2008-03-18 Thread Karl Voit
* Neal Dudley <[EMAIL PROTECTED]> wrote: > Karl Voit wrote: >> Our communication partners have to check the signature of our >> employees' keys and it's up to our partners that they check from time >> to time whether there was a change in the relationship between our >> employees and our company key -

Re: How to establish a company web-of-trust

2008-03-17 Thread Neal Dudley
Karl Voit wrote: > Our communication partners have to check the signature of our > employees' keys and it's up to our partners that they check from time > to time whether there was a change in the relationship between our > employees and our company key - I guess this is the most difficult > part. NO

Re: How to establish a company web-of-trust

2008-03-17 Thread Karl Voit
* Neal Dudley <[EMAIL PROTECTED]> wrote: > Some points to consider: Great :-) Thread is getting even more interesting *g* > Regardless of whether or not the company signing key has signed or > revoked its signature on the user's signing key, it is ultimately up to > the employee to trust or not

Re: How to establish a company web-of-trust

2008-03-17 Thread David Shaw
On Mon, Mar 17, 2008 at 09:11:30PM +0100, Karl Voit wrote: > * David Shaw <[EMAIL PROTECTED]> wrote: > >> > >> So my current attempt is: the employee has to add the company key as > >> a revoker and then export it to the keyserver. So the company key is > >> able to revoke any employee's key. > > >

Re: How to establish a company web-of-trust

2008-03-17 Thread Neal Dudley
Some points to consider: Regardless of whether or not the company signing key has signed or revoked its signature on the user's signing key, it is ultimately up to the employee to trust or not trust the other employee's key(s). This is one of the beautiful points of PGP/GPG - there is no third p

Re: How to establish a company web-of-trust

2008-03-17 Thread Karl Voit
* David Shaw <[EMAIL PROTECTED]> wrote: >> >> So my current attempt is: the employee has to add the company key as >> a revoker and then export it to the keyserver. So the company key is >> able to revoke any employee's key. > > Note that those methods are only useful so long as the communication >

Re: How to establish a company web-of-trust

2008-03-17 Thread David Shaw
On Mon, Mar 17, 2008 at 05:23:39PM +0100, Karl Voit wrote: > * Karl Voit <[EMAIL PROTECTED]> wrote: > > > > I want to establish secure email communication in our company > > (Windows, Outlook, gpg4win). I do not want to maintain a keyserver > > by myself. > > > > My attempt: every employee generate

Re: How to establish a company web-of-trust

2008-03-17 Thread Vlad "SATtva" Miller
Karl Voit wrote on 17.03.2008 21:42: But: what if an employee quits the company? Can I revoke the signature? <...> Sure! Just $ gpg --edit-key , then select the corresponding UID and issue the revsig command. Search gpg man for the revsig command for details. -- SATtva | security & privacy consultin

Re: How to establish a company web-of-trust

2008-03-17 Thread Karl Voit
* Karl Voit <[EMAIL PROTECTED]> wrote: > > I want to establish secure email communication in our company > (Windows, Outlook, gpg4win). I do not want to maintain a keyserver > by myself. > > My attempt: every employee generates his own keypair and exports the > public key to a keyserver. I as the a

How to establish a company web-of-trust

2008-03-17 Thread Karl Voit
Hi! I want to establish secure email communication in our company (Windows, Outlook, gpg4win). I do not want to maintain a keyserver by myself. My attempt: every employee generates his own keypair and exports the public key to a keyserver. I as the admin download his key from the server, compare