Suggestion: Coporate keyrings.
Mon May 13 22:32:02 2002
Content-Type: text/plain; charset=us-ascii
=2E..and then Brenno J.S.A.A.F. de Winter said...
% -----BEGIN PGP SIGNED MESSAGE-----
% Hash: SHA1
% So if I get it correct now we would only need some supporting programs
% (interfacing) on top of what already exists. That step would make it
% even better. I still feel we should explicitly generate the solution.
Um, what's to generate? What supporting programs?
Just have a corporate key pair and distribute the public key to anyone
who needs it. Heck, mail it to everyone in the organization every month
if you can't get it to new users when they show up. Tell the users to
trust it once and you're done.
Now you have a company whose keys you want to trust. Have a little
key-signing party and sign the company's key with the corporate private
key and now everyone in the corporation, since they trust the corp key,
will trust the other company's key.
This is the same as how it works for you and me and our mutual friend
Bill. What's the challenge?
% ~ Thanks!
HTH & HAND
David T-G * It's easier to fight for one's principles
(play) email@example.com * than to live up to them. -- fortune cookie
http://www.justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
-----END PGP SIGNATURE-----