Implications of a common private keys directory in 2.1

Andrew Gallagher andrewg at
Tue Nov 22 19:25:29 CET 2016

On 22/11/16 18:17, Carola Grunwald wrote:
> You seriously recommend to run a dedicated gpg-agent instance for each
> of dozens if not hundreds of mail service users?

gpg is intended to run on the client, not the server. A mail service
operator should not hold the private keys of its users, never mind
perform encryption operations on their behalf. I would question the
design of your architecture if you feel this is necessary.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20161122/6cc675d7/attachment-0001.sig>

More information about the Gnupg-users mailing list