Suggestion: Coporate keyrings.
Adrian 'Dagurashibanipal' von Bidder
Mon May 13 09:08:01 2002
On Sun, 2002-05-12 at 09:56, Brenno J.S.A.A.F. de Winter wrote:
> My suggestion is following: Let's build a system that supports corporate
> keyrings. An administrator can verify the keys and set a trust. The
> local GnuPG could access that keylist and rely on it's trust. Such a
> thing would be a setting in GnuPG. GnuPG communicates with the
Why not have a corporate key. The admin signs the keys he has verified,
the user trusts this corporate key signing key, and so automatically he
trusts all keys in the corporation.
IMHO there is no difference in usability if the setting has to be made
to trust the key or to trust a special keyring. But for the first the
infrastructure is already there.
I sign e-mail using OpenPGP (rfc2440) compliant software.
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
-----END PGP SIGNATURE-----