On 01/04/2018 01:31 PM, Kristian Fiskerstrand wrote:
> On 01/04/2018 10:21 PM, Lou Wynn wrote:
>> After a client plugin logs in successfully, the server sends the user's
>> encrypted email key to the client.
> Aren't you better off with a gateway solution like PGP Universal /
> Symantec Encryption Server (or for that matter if GPGRelay is still
> alive)? That never exposes key material to the client, i.e. it always operates
> within corporate infrastructure and removes a lot of complexity and
> allows for easier indexing/searching.
>

It's doable, but I'd like to make sure that I understand what you mean by "within corporate infrastructure." Do you mean the client plugin sends requests to the server to decrypt and verify received messages? This is definitely a trade-off between key security and performance, but I don't see any obvious benefits, given that the user's computer that runs the client plugin also belongs to the corporate infrastructure. If the user's computer is compromised, then the administrator simply cleans up the computer and re-installs or re-initializes the user's email client, which includes the client plugin.
In my design, each end user does not have a permanent identity as in OpenPGP, where he needs to accumulate a reputation for "trustworthiness." The only authority is the organization's root key. Among other things, a user's key is simply a way of declaring that the email message is authorized by a user who has been certified by the organization's root key. In this situation, a user's key is no more important than his email account.

Thanks,
Lou

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
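The trust model Lou describes above (a single organizational root key that certifies user keys, and a message signature that only means "authorized by a user the organization certified") can be shown as a small certificate-chain check. The following is an added example, not code from the thread or from Lou's plugin; the certificate layout (`email || NUL || pubkey` signed by the root), the function names and the use of Ed25519 are this example's own assumptions. The recipient needs nothing but the root public key: it checks the root's signature over the user's certificate before trusting the user key for anything, and an outsider who merely self-certifies is rejected even though his message signature is valid.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// UserCert is the organization's statement that PubKey belongs to Email.
// The layout and naming here are assumptions of this example, not the thread's design.
type UserCert struct {
	Email   string
	PubKey  ed25519.PublicKey
	RootSig []byte // signature by the organization's root key over certPayload
}

// certPayload is the byte string the root key signs: email, a NUL separator,
// then the raw public key, so neither field can be shifted into the other.
func certPayload(email string, pub ed25519.PublicKey) []byte {
	p := make([]byte, 0, len(email)+1+len(pub))
	p = append(p, email...)
	p = append(p, 0)
	return append(p, pub...)
}

// IssueUserCert runs on the organization side; it is the only place the root
// private key is used. Re-initializing a user after a compromise simply means
// calling it again with a fresh key pair.
func IssueUserCert(rootPriv ed25519.PrivateKey, email string, pub ed25519.PublicKey) UserCert {
	return UserCert{Email: email, PubKey: pub, RootSig: ed25519.Sign(rootPriv, certPayload(email, pub))}
}

// SignedMail carries the certificate alongside the message so the recipient
// needs nothing but the root public key to verify it.
type SignedMail struct {
	Cert UserCert
	Body []byte
	Sig  []byte // user signature over Cert.Email || NUL || Body
}

// mailPayload binds the sender address into what the user signs, so a valid
// signature cannot be replayed under a different certified address.
func mailPayload(email string, body []byte) []byte {
	p := make([]byte, 0, len(email)+1+len(body))
	p = append(p, email...)
	p = append(p, 0)
	return append(p, body...)
}

func SignMail(cert UserCert, userPriv ed25519.PrivateKey, body []byte) SignedMail {
	return SignedMail{Cert: cert, Body: body, Sig: ed25519.Sign(userPriv, mailPayload(cert.Email, body))}
}

// VerifyMail is the recipient-side check. Order matters: the root signature on
// the certificate is verified before the user key is trusted for anything.
func VerifyMail(rootPub ed25519.PublicKey, m SignedMail, fromHeader string) error {
	if m.Cert.Email != fromHeader {
		return errors.New("certificate email does not match From header")
	}
	if !ed25519.Verify(rootPub, certPayload(m.Cert.Email, m.Cert.PubKey), m.Cert.RootSig) {
		return errors.New("user key is not certified by the organization root")
	}
	if !ed25519.Verify(m.Cert.PubKey, mailPayload(m.Cert.Email, m.Body), m.Sig) {
		return errors.New("message signature does not verify under the certified key")
	}
	return nil
}

func main() {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	userPub, userPriv, _ := ed25519.GenerateKey(rand.Reader)
	cert := IssueUserCert(rootPriv, "alice@example.org", userPub) // constructed sample identity
	msg := SignMail(cert, userPriv, []byte("Quarterly numbers attached."))
	fmt.Println("certified user:", VerifyMail(rootPub, msg, "alice@example.org"))

	// An outsider who self-certifies under the same address is rejected, even
	// though the signature on the message body itself is valid for his key.
	badPub, badPriv, _ := ed25519.GenerateKey(rand.Reader)
	forged := IssueUserCert(badPriv, "alice@example.org", badPub) // signed by the wrong "root"
	fmt.Println("uncertified key:", VerifyMail(rootPub, SignMail(forged, badPriv, []byte("hi")), "alice@example.org"))
}
```

Note that this check covers authorization only, which is all the design above claims for a user key: it says nothing about confidentiality, and it has no revocation beyond the organization declining to re-issue a certificate. A deployed version would also need the certificate to carry a validity window or serial so that a key from a re-initialized client can be distinguished from the one it replaced.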