Corporate use of gnupg
bahamut at digital-signal.net
Tue Feb 26 17:00:37 CET 2008
-----BEGIN PGP SIGNED MESSAGE-----
Robert J. Hansen wrote:
| The last time I talked to a patent lawyer about software (I had a
nifty thing I wanted to implement and needed to make sure I wasn't
walking into a patent lawsuit), I paid my $200/hr and got this bit of
professional advice: "in today's software market, patents are used a lot
more to keep other people out than to bring money in."
Well, /I/ could've told you that. Don't tell me you never figured that
out on your own.
David Shaw wrote:
| Yes. Put "encrypt-to (the-adk-key)" in everyone's gpg.conf.
| Of course, they could turn around and take it right out again. Unless
| you have pretty tight control over the environment, ADKs or
| encrypt-tos are not foolproof (and that applies to both PGP and GPG).
Why can't they take away write privileges of gpg.conf (and the gpg
executables for that matter) from normal users? AFAIK, that would be
pretty simple (at least on a *nix system).
Or did I overlook something important?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Gnupg-users