using keys with multiple users

Leigh S. Jones, KR6X kr6x@kr6x.com
Sat May 11 00:57:01 2002 

You have two choices:

1 - issue separate keys for each employee who will
sign/encrypt with under the role of support@MyCompany.com
and/or hostmaster@MyCompany.com, in which case
each may keep secrets from the other but there could
be confusion on the part of your correspondents as to
which key to use 
2 - issue copies of a single key to each employee, in 
which case the key name would be something like:
"MyCompany Corporate Support Key <support@MyCompany.com>"
in which case there would be little confusion on the 
part of your correspondents but questionable legal 
value of a signature

A single key could have two or more user 
identifications associated with it, for instance one
key could play the role of both support@MyCompany.com
and hostmaster@MyCompany.com

My personal choice is a hybrid:

Issue each employee two keys: one personal key 
to be used privately for encryption and signing
unambiguously plus one copy of each "role" key 
that appropriately matches their job title. 
This, however, requires separate keyrings -- to
allow each employee to select his/her own 
passwords -- so keyring file ownership must be
arbitrated in the operating system.  This probably
means no Windows 95/98/ME for "role" keyholders.

----- Original Message ----- 
From: "Jeroen Valcke" <jeroen@valcke.com>
To: <gnupg-users@gnupg.org>
Sent: Friday, May 10, 2002 08:07
Subject: using keys with multiple users


> Hello,
> 
> I use GnuPG at work. My question is how can you use GnuPG with different
> people. For example you have the following situation. I receive and send
> mail using the following aliases
> jeroen.valcke@MyCompany.com
> support@MyCompany.com
> hostmaster@MyCompany.com
> 
> Mails sent as hostmaster are CC'ed to everybody in the hostmaster group.
> The same is true for support.
> 
> Currently I only encrypt/sign mail with my own address
> (jeroen.valcke@MyCompany.com).
> 
> I was wondering how we could encrypt/sign messages as
> hostmaster@MyCompany.com and support@MyCompany.com
> 
> Does anybody work with such a setup?
> 
> Thanks,
> 
> -Jeroen-
> 
> -- 
> Jeroen Valcke               jeroen@valcke.com   
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users@gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>