On Tue, 19 Feb 2008 14:25, [EMAIL PROTECTED] said: > PGP Corporation has a patent on ADKs. That's the number one reason > why the other OpenPGP implementations do not support it.
Frankly, I did not knew about this patent until now. I consider the ADK the wrong solution to a problem which can't be solved by a tool. The assumed threat model is that an encrypted mail is received by an employee and then other employees are not able to read this mail. In particular if the original recipient is on vacation or not anymore with the company. Or well, he willfully keeps that (company) mail private. The latter case is actually identical to snail mail: How do you assure that all mail to a company really receives the company and not just one person? The internal post office opens the envelope, stamps it, sometimes makes a copy and then distributes it to the actual recipient. Problem solved. Also solves the problem of keeping archives of all business mail (which is a legal requirment in Germany). You can and need do do the same with email: Either use a central gateway or create pool keys for the employees. It is merely an organisational matter that an employee does not use his private key for business tasks. And if he does anyway, it is the same as with snail mail: The address on the envelope is marked "private" and not to be opened by the company. We won't add ARR (aka ADK) to GnuPG. It would be more useful to add a re-encode feature to add another public or symmetric key for decryption. A mail framework may the use this to enforce a mail policy. Salam-Shalom, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
