"Jim Berland" <[EMAIL PROTECTED]> writes:

> There are other flaws in the computer system that would have to be
> addressed (a secretary has root access to the server to let her start
> the daily backup process after work), but I'm not in charge of that. I

Huh? That requires only a single suid-root command.

> Since I'm going through the trouble of setting everything up and
> teaching our employees, though, it would be great to also use GPG with
> business partners. I don't think it's really going to happen, but

If you want secure communication with your partners, you might have
better luck with X.509 certificates. They "just work" under Windows.
The only needed initial setup is import of the root certificate. Free
certificates are available from www.cacert.org.

The advantage of X.509 is its rooted trust model, i.e. a key cannot
have multiple signatures (you expressed that as a concern earlier;
signatures can be used to infer relationships). If you and your
partners use a common neutral CA, such as cacert.org, no such
relationship can be inferred.

Plus, X.509 certificates have capabilities (KeyUsage field, such as
signature and encryption) which distinguish normal signing and key
signing. User certificates do not have the "KeySign" capability turned
on.

Yes, an employee can still use a "normal" (w/o KeySign capability)
certificate to issue another certificate. However, standard-conforming
software such as OpenSSL will a) not allow such issuance to be made [in
effect, one has to code one's own CA which disregards key usage
policies], and b) the trust chain will be rejected by standard software
[e.g. OpenSSL and Windows CryptoAPI; these are much harder to "convince"
in alternate verification strategies, if possible at all with
CryptoAPI].
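
The chain rejection described in point b) above, as an added example that is not part of the original message: it builds a throwaway root, a user certificate without keyCertSign, and a certificate signed with that user's key, then runs `openssl verify` on both. The `chain_check` function, the `demo.cnf` file and all subject names are constructed for this demo, and it assumes an `openssl` binary (1.1.1 or later) on PATH.

```shell
#!/bin/sh
# Constructed demo: every name, key and certificate here is a throwaway sample.
# Prints "user=<rc> leaf=<rc>", where rc is the exit status of `openssl verify`.
chain_check() {
    d=$(mktemp -d) || return 2
    (
        cd "$d" || exit 2
        cat > demo.cnf <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[ca_ext]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[user_ext]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
EOF
        # Root CA: self-signed, allowed to sign certificates.
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config demo.cnf \
            -extensions ca_ext -subj "/CN=Demo Root CA" \
            -keyout root.key -out root.crt || exit 2
        # User certificate issued by the root: CA:FALSE, no keyCertSign.
        openssl req -new -newkey rsa:2048 -nodes -config demo.cnf \
            -subj "/CN=Demo User" -keyout user.key -out user.csr || exit 2
        openssl x509 -req -in user.csr -CA root.crt -CAkey root.key \
            -CAcreateserial -days 1 -extfile demo.cnf -extensions user_ext \
            -out user.crt || exit 2
        # Certificate signed with the user's key (the scenario in the message).
        openssl req -new -newkey rsa:2048 -nodes -config demo.cnf \
            -subj "/CN=Demo Leaf" -keyout leaf.key -out leaf.csr || exit 2
        openssl x509 -req -in leaf.csr -CA user.crt -CAkey user.key \
            -CAcreateserial -days 1 -out leaf.crt || exit 2
        # A verifier trusts only the root; user.crt is offered as an intermediate.
        openssl verify -CAfile root.crt user.crt; u=$?
        openssl verify -CAfile root.crt -untrusted user.crt leaf.crt; l=$?
        echo "user=$u leaf=$l" > result
    ) >/dev/null 2>&1
    rc=$?
    [ "$rc" -eq 0 ] && cat "$d/result"
    rm -rf "$d"
    return "$rc"
}
chain_check
```

The user certificate verifies (status 0) while the certificate signed with the user's key gets a non-zero status; the exact error text depends on the OpenSSL version.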
