Modernizing Web-of-trust for Organizations

MFPA 2017-r3sgs86x8e-lists-groups at
Thu Jan 4 01:40:59 CET 2018


On Wednesday 3 January 2018 at 7:02:08 AM, in
<mid:fcda1d3d-686f-7c34-9545-9673be7f4a11 at>, Lou Wynn wrote:-

> 1. Goals of the system

> a. An organization does not depend on third-party certificate
> authorities.

It is already the case that an organisation does not need to depend on
third-party CAs to certify its staff's OpenPGP keys.

For example, my ISP [0] says "All staff keys are signed using the
company signing key. This is very much like a traditional company
seal. Only the director has access to this key and it is only used for
signing other keys. If/when a member of staff leaves a revocation is
issued of that signature and loaded on to keyservers."

> b. Its employees and business partners do not manually manage their
> own keys and trust relationship, and the administrator centrally
> manages all certificates and trustworthiness for the organization.

Are you talking about something like a shared keyring? Or just
managing trust relationships by issuing key certifications and

> c. Business units can flexibly define trust boundaries. For example,
> the security department can have some black hats as business
> partners but these black hats should be not be trusted by other
> employees of the organization.

Would the business unit achieve this by using their own certifying
key in addition to the enterprise-wide certifying key?

> d. Providing end-to-end security with public key ciphers. An end
> user's private key should not be exposed to anyone, namely, only the
> end user has access to his or her private key to ensure valid
> signature and decryption.

So each user would still generate their own key pair.

> When keys of business partners are certified by the CK, the above
> two design principles place the employees and business partners in
> the same trust realm and therefore trust each other, but not between
> two business partners because two business partners are not in the
> same trust realm.

Isn't it up to the two business partners to decide whether or not to
trust each others' keys?

Whether or not the business partners choose
to consider the presence of the certification from the company's
RK/CKs when making their respective decisions, isn't it ultimately not
really any of the company's business?

[0] <>

Best regards

MFPA                  <mailto:2017-r3sgs86x8e-lists-groups at>

Zorba the Greek - before he zorbas you
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 1252 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list