Using signing in a group environment

Anthony E . Greene
Wed May 16 23:20:01 2001

On Wed, 16 May 2001 12:55:10 Brian Rectanus wrote:

>I would like to create a secret key for our group here at work so that
>we can send out signed email. What would be the best way of doing this
>so that when a group member leaves, they would not be able to continue
>to send signed email? If a member should leave, would the secret key
>have to be expired or is there a better way? If the signing key was
>expired, how would this effect any older signed messages?
Create the key with a reasonable expiration. When a person who had access leaves the group, revoke the key and distribute the revocation as well as you can. Even if some people do not get the revoked copy, the copy they have will expire soon enough to reduce the risk. Tony -- Anthony E. Greene <> <> PGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D Chat: AOL/Yahoo: TonyG05 ICQ: 91183266 Linux. The choice of a GNU Generation. <>