Modernizing Web-of-trust for Organizations

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Fri Jan 5 21:54:18 CET 2018


On 01/05/2018 05:29 PM, Lou Wynn wrote:
> On 01/05/2018 01:10 AM, Kristian Fiskerstrand wrote:
>> There are easily scenarios where a customer forgets to add the "auditing
>> key", making the data unavailable to the organization, in particular in
>> context of loss of employee.
>>
> The auditing key is certified by the root key and stays with the latter
> in my design. Only the administrator can make policy to turn on/off
> auditing, the client plugin takes corresponding actions automatically.
> End users don't need to do anything, namely, using or not using the
> auditing key to encrypt is completely transparent to end users. As a
> result, there is no such issue of "forgetting to add it."

Can you please elaborate on how this would be compatible with existing
implementations of RFC4880?


-- 
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"A ship is safe in harbour, but that's not what ships are for"
(Will Shedd)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180105/9a2bc38c/attachment.sig>


More information about the Gnupg-users mailing list