Re: Enterprise Key Management?
On 03/16/2013 09:19 AM, Abel Luck wrote: Jon Molesa: >I agree. In that case, how exactly would one come about a CA certificate >that isn't self-signed and thus trusted by those we wish to communicate >with? > Buy one of course. Or use https://www.startssl.com/, or one of the other free vendors. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Enterprise Key Management?
Jon Molesa: > I agree. In that case, how exactly would one come about a CA certificate > that isn't self-signed and thus trusted by those we wish to communicate > with? > Buy one of course. > Jon Molesa > On Mar 16, 2013 7:36 AM, "Abel Luck" wrote: > >> Jon Molesa: >>> Does anyone have a recommended best practice and accompanying tool for >>> enterprise key management? >>> >>> I'm looking for: >>> - Centralized key management >>> - Master (Company Owned) signing key >>> - Sub-keys issued to employees >>> - Best way to handle revocations >>> - Integration with LDAP/AD if possible >>> - Integration with desktop email clients >>> - Integration with desktop gnupg implementations (Windows, Mac, Linux) >>> >>> I realize this is rather broad, but if anyone has pointers or notes >>> they would be willing to share, I would really appreciate it. >>> >>> I came across this http://www.egpg.org/, though it no longer looks >>> active or maintained. >>> >> >> This seems like a better application of S/MIME as it, by design, is >> centralized in the manner you describe. >> >> ~abel >> >> >> ___ >> Gnupg-users mailing list >> Gnupg-users@gnupg.org >> http://lists.gnupg.org/mailman/listinfo/gnupg-users >> > ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Enterprise Key Management?
Jon Molesa: > Does anyone have a recommended best practice and accompanying tool for > enterprise key management? > > I'm looking for: > - Centralized key management > - Master (Company Owned) signing key > - Sub-keys issued to employees > - Best way to handle revocations > - Integration with LDAP/AD if possible > - Integration with desktop email clients > - Integration with desktop gnupg implementations (Windows, Mac, Linux) > > I realize this is rather broad, but if anyone has pointers or notes > they would be willing to share, I would really appreciate it. > > I came across this http://www.egpg.org/, though it no longer looks > active or maintained. > This seems like a better application of S/MIME as it, by design, is centralized in the manner you describe. ~abel ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users