Corporate use of gnupg

vedaal at vedaal at
Tue Feb 19 21:55:18 CET 2008

>> We won't add ARR (aka ADK) to GnuPG.  It would be more useful to 
>add a
>> re-encode feature to add another public or symmetric key for 
>The patent language on #6314190 is sufficiently broad that it 
>arguably cover this, too, depending on how it's implemented.

a simple corporate solution,
is for the company to generate a gnupg keypair for each employee,
have the employee change the passphrase as desired,
and have the employees generate their own separate signing keys 
(not subkeys)

then the company can simply inform all employees that any and all 
encrypted mail sent or received by the company must have a 
recipient key id that is on the company's 'accepted' list of 
employee encryption keys, or the corporate mail filter will discard 

this way, the employees are responsible for their own signatures, 
which cannot be forged by the company, and are aware that the 
company can read all company related e-mail,
and no patents are even remotely infringed upon

employees who really want to deceive the company, can send 
encrypted files another way, (cdrw truecrypt containers by snail 
mail, using gnupg  on private home computers etc.), and there is no 
simple solution to stop it.


any ads or links below this message are added by hushmail without 
my endorsement or awareness of the nature of the link

The Perfect Baby Gift. Click Here

More information about the Gnupg-users mailing list