Corporate use of gnupg
vedaal at hush.com
vedaal at hush.com
Tue Feb 19 21:55:18 CET 2008
>> We won't add ARR (aka ADK) to GnuPG. It would be more useful to
>add a
>> re-encode feature to add another public or symmetric key for
>decryption.
>
>The patent language on #6314190 is sufficiently broad that it
>would
>arguably cover this, too, depending on how it's implemented.
a simple corporate solution,
is for the company to generate a gnupg keypair for each employee,
have the employee change the passphrase as desired,
and have the employees generate their own separate signing keys
(not subkeys)
then the company can simply inform all employees that any and all
encrypted mail sent or received by the company must have a
recipient key id that is on the company's 'accepted' list of
employee encryption keys, or the corporate mail filter will discard
it
this way, the employees are responsible for their own signatures,
which cannot be forged by the company, and are aware that the
company can read all company related e-mail,
and no patents are even remotely infringed upon
employees who really want to deceive the company, can send
encrypted files another way, (cdrw truecrypt containers by snail
mail, using gnupg on private home computers etc.), and there is no
simple solution to stop it.
vedaal
any ads or links below this message are added by hushmail without
my endorsement or awareness of the nature of the link
--
The Perfect Baby Gift. Click Here
http://tagline.hushmail.com/fc/Ioyw6h4eUCjMPYjHbFDlJl4GLFkdg5rzznRGZDWJt71njDIDf5WCr9/
More information about the Gnupg-users
mailing list