easy email encryption

Jacob Perkins jap1 at users.sourceforge.net
Mon Oct 21 23:19:01 CEST 2002 

How about using a locally controlled key server, say in a corporate
network?  It wouldn't necessarily sync with public key servers, just
serve employee keys.  Getting a one-to-one match for email address to
key should work pretty well in this situation, correct?

On Mon, 2002-10-21 at 14:19, Michael H. Warfield wrote:
> On Mon, Oct 21, 2002 at 09:24:36AM +0200, Werner Koch wrote:
> > On 20 Oct 2002 22:47:21 -0500, Jacob Perkins said:
> 
> > > following: given an email (address + message), retrieves a pgp/gpg key
> > > locally or from a key server (local network or public), then encrypts
> 
> > This can't work because a public keysever may carry several keys
> > for the same email address.  You need another criteria to decide which
> > key to use; probablky the best thing is to require a key signature
> > from a well-known key.
> 
> 	Even worse...  Those keys may not even come from the owner of
> the E-Mail address.
> 
> 	Bruce Schneier says there is a key on the ring with his address
> on it but it's not his.  He gave up trying to get rid of it since the
> keyservers resync it back faster than he can nuke copies and he can't
> get to all the copies.  Obviously, he can revoke it either, since he
> didn't generate it.  So the owner of an E-Mail address can even get
> rid of malicious or bogus keys in his own name.
> 
> > Shalom-Salam,
> 
> >    Werner
> 
> 	Mike
> -- 
>  Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
>   /\/\|=mhw=|\/\/       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
>   NIC whois:  MHW9      |  An optimist believes we live in the best of all
>  PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
> 
> _______________________________________________
> Gnupg-devel mailing list
> Gnupg-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20021021/95b52ec4/attachment.bin

More information about the Gnupg-devel mailing list