GnuPG for a small company -- Questions before I start
Eray Aslan
eray.aslan at caf.com.tr
Thu May 24 18:01:35 CEST 2007
On 17.05.2007 16:10, Janusz A. Urbanowicz wrote:
[...]
> When I did similar things the setup was as follows:
>
> * there is one well-guarded organization key (org key)
> * every person involved has a key signed by the org key
> * people keys have designated-revoker set to org key
> * all OpenPGP software installation have:
> ** mandatory encrypt-to org key
Which option is that in gpg.conf?
> ** ultimate trust for the org key
How does one deal with people quitting or people getting hired? You can
revoke the keys for those that quit. But how do you inform coworkers
that someone's key is revoked? Or similarly distribute the new public
key to existing employees for someone who has been just hired? In-house
keyserver?
Thank you
--
Eray
More information about the Gnupg-users
mailing list