Group Signing

Faramir faramir.cl at gmail.com
Fri Apr 1 01:42:46 CEST 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

El 21-03-2011 18:51, Mike Acker escribió:
...
> it is entirely possible that Tom could leave the group yet I would want
> to maintain secure communication with him.
> 
> i will stress to the group that the key authenticates the sender but
> does not indicate group membership.

  Well, you can create a key for membership validation. Of course, that
won't be the usual usage for a key, but the nice thing about OpenPGP is
your group defines the policies for it. So a signature from that key can
mean the user is a member, and also he has been validated. The other
members of the group could sign the new member's key (or not), and once
the signature is revoked, the member is no longer a member, but
signatures issued on that key will remain. If somebody didn't want to
sign the member's key, probably also won't want to maintain secure
communication with him after he left the group.

  Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBCAAGBQJNlRF2AAoJEMV4f6PvczxACBUH/1q+DH+NKDvZ1YYdz7WJxY93
T0GvUqMpj61a7E1g2yMsonJvDRVPEprkIMB1106KSs69g4FbZ8i7JXBMtWiTIfxR
2s9NJHTTu1StlPXxKpdEWrikxn79UqBVMNXMakjDWqUDI4PGxmuu70mURyYnUt1L
5K59J5aKc7j3yZbWbjx4bDbw6Gmxw8bO8q6U+32d9WPGmXRV7lWx/NNeF1h4Tdt6
cJXzbH44QVo9/wSrEv8LOJLytOb8evS6FGcX+SawEBL8t7cO3yHtmjSHUOnT4cRs
cnMtZMDJ9ADvtVKyymdpRwelLDx/FA1IM41/KT1nRxx5hVoNofqn2d8m/+Nn0i0=
=GO5C
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list