Corporate use of gnupg
Andrew Berg
bahamut at digital-signal.net
Tue Feb 26 17:00:37 CET 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Robert J. Hansen wrote:
| The last time I talked to a patent lawyer about software (I had a
nifty thing I wanted to implement and needed to make sure I wasn't
walking into a patent lawsuit), I paid my $200/hr and got this bit of
professional advice: "in today's software market, patents are used a lot
more to keep other people out than to bring money in."
Well, /I/ could've told you that. Don't tell me you never figured that
out on your own.
David Shaw wrote:
| Yes. Put "encrypt-to (the-adk-key)" in everyone's gpg.conf.
|
| Of course, they could turn around and take it right out again. Unless
| you have pretty tight control over the environment, ADKs or
| encrypt-tos are not foolproof (and that applies to both PGP and GPG).
Why can't they take away write privileges of gpg.conf (and the gpg
executables for that matter) from normal users? AFAIK, that would be
pretty simple (at least on a *nix system).
Or did I overlook something important?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQEcBAEBAwAGBQJHxDelAAoJEPiOA0Bgp4/LlfEH/Ap9Y7JiLtpFOs2U2FvqYVu5
xhZCy0Fo5SumAP7+OWA/lvZ1SU/zFCrSF2k/k+BZmnQtgh0h+lt3l78t1cR+tk+Z
PkJPkPce0QbJ+lDl5OZNNkT8J166FVcm0UVdkTBkg/vBBcnn17k/gZAptV6sZg6A
95CnCxCxQCLhshCP/WhjrahM/CbG/cVx8nEU99TysC+Bt2a/8YuXd/HUAvhcoh6I
RNbVGTmcHh8BZKp7tLbnhIpubBuLNscjssKCTos898JJ/tBSrTCZLMfNmNKP5Gtw
OqzAkWj1wJ99VWZaWMOejeGE22U+ccSePeUIrojZ5NLDhlzUTUmaZghamlgLlFk=
=zC7/
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list