Modernizing Web-of-trust for Organizations

Kristian Fiskerstrand kristian.fiskerstrand at
Fri Jan 5 21:54:18 CET 2018

On 01/05/2018 05:29 PM, Lou Wynn wrote:
> On 01/05/2018 01:10 AM, Kristian Fiskerstrand wrote:
>> There are easily scenarios where a customer forgets to add the "auditing
>> key", making the data unavailable to the organization, in particular in
>> context of loss of employee.
> The auditing key is certified by the root key and stays with the latter
> in my design. Only the administrator can make policy to turn on/off
> auditing, the client plugin takes corresponding actions automatically.
> End users don't need to do anything, namely, using or not using the
> auditing key to encrypt is completely transparent to end users. As a
> result, there is no such issue of "forgetting to add it."

Can you please elaborate on how this would be compatible with existing
implementations of RFC4880?

Kristian Fiskerstrand
Twitter: @krifisk
Public OpenPGP keyblock at hkp://
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
"A ship is safe in harbour, but that's not what ships are for"
(Will Shedd)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list