Modernizing Web-of-trust for Organizations
lewisurn at gmail.com
Thu Jan 4 22:58:06 CET 2018
On 01/04/2018 01:31 PM, Kristian Fiskerstrand wrote:
> On 01/04/2018 10:21 PM, Lou Wynn wrote:
>> After a client plugin logs in successfully, the server sends the user's
>> encrypted email key to the client.
> Aren't you better off with a gateway solution like PGP Universal /
> Symantec Encryption Server (or for that matter if GPGRelay is still
> alive) ? That never exposes key material to client, i.e always operates
> within corporate infrastructure and removes a lot of complexity and
> allows for easier indexing/searching.
It's doable, but I'd like to make sure that I understand what you mean
by "within corporate infrastructure?" Do you mean the client plugin
sends requests to the server to decrypt and verify received messages?
This is definitely a trade-off between key security and performance. But
I don't see any obvious benefits given that the user's computer that
runs the client plugin also belongs to corporate infrastructure. If the
user's computer is compromised, then the administrator simply clean up
the computer and re-install or re-initialize user's email client, which
includes the client plugin.
In my design, each end user does not have a permanent identity like in
OpenPGP where he needs to accumulate his reputation for
"trustworthiness." The only authority is the organization's root key.
Among other things, a user's key is simply a way of declaring that the
email message is authorized by the user who has been certified by the
organization's root key. In this situation, a user's key is not more
important than his email account.
More information about the Gnupg-users