Keysigning a "corporate" key - how ?
Thu Jan 16 20:10:04 2003
Content-Type: text/plain; charset=us-ascii
> What would be the best for "corporate" ID verification ?
What would be best in my opinion to verify your corporate key,
is to sign the corporate key with your personal key. Then bring
you personal key, but not your corporate key to the key-signing
party. People who want to verify that your corporate key is
valid can decide for themselves whether they trust you to
correctly verify the corporate key, after they have already
verified your personal key. Convince your coworkers to do the
same, to provide a better web of trust. This way the people at
the key-signing event are not put in a position where they have
to determine, from their own limited knowledge of your company,
whether you are a trusted representative from your company or
if you are trying to push a phony key.
Matt Wronkiewicz <firstname.lastname@example.org>
Fingerprint: 914B FFE7 1C00 7B63 04D1 051D BA18 9B5D 6845 2D6E
Signature policy: http://www.foozone.org/crypto_policy.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (SunOS)
-----END PGP SIGNATURE-----