using keys with multiple users
Leigh S. Jones, KR6X
Sat May 11 00:57:01 2002
You have two choices:
1 - issue separate keys for each employee who will
sign/encrypt with under the role of support@MyCompany.com
and/or hostmaster@MyCompany.com, in which case
each may keep secrets from the other but there could
be confusion on the part of your correspondents as to
which key to use
2 - issue copies of a single key to each employee, in
which case the key name would be something like:
"MyCompany Corporate Support Key <support@MyCompany.com>"
in which case there would be little confusion on the
part of your correspondents but questionable legal
value of a signature
A single key could have two or more user
identifications associated with it, for instance one
key could play the role of both support@MyCompany.com
My personal choice is a hybrid:
Issue each employee two keys: one personal key
to be used privately for encryption and signing
unambiguously plus one copy of each "role" key
that appropriately matches their job title.
This, however, requires separate keyrings -- to
allow each employee to select his/her own
passwords -- so keyring file ownership must be
arbitrated in the operating system. This probably
means no Windows 95/98/ME for "role" keyholders.
----- Original Message -----
From: "Jeroen Valcke" <firstname.lastname@example.org>
Sent: Friday, May 10, 2002 08:07
Subject: using keys with multiple users
> I use GnuPG at work. My question is how can you use GnuPG with different
> people. For example you have the following situation. I receive and send
> mail using the following aliases
> Mails sent as hostmaster are CC'ed to everybody in the hostmaster group.
> The same is true for support.
> Currently I only encrypt/sign mail with my own address
> I was wondering how we could encrypt/sign messages as
> hostmaster@MyCompany.com and support@MyCompany.com
> Does anybody work with such a setup?
> Jeroen Valcke email@example.com
> Gnupg-users mailing list