Modernizing Web-of-trust for Organizations

Kristian Fiskerstrand kristian.fiskerstrand at
Thu Jan 4 23:57:42 CET 2018

On 01/04/2018 11:24 PM, Lou Wynn wrote:
> I guess that you missed the auditing key part. I introduced it to meet
> auditing requirements or scanning of messages without using end user's
> private keys.

but you add the requirement that all end users sending email to you
require to validate the auditing key as well (auditing is likely wrong
word, archiving is more likely relevant). for auditing you certainly
want gpg-agent monitoring of assuan channel in separate domain.

Kristian Fiskerstrand
Twitter: @krifisk
Public OpenPGP keyblock at hkp://
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
Amantes sunt amentes
Lovers are lunatics

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list