Hello! A small company of 25-35 people needs to set up PGP for everybody. The server solution that is offered by PGP corp is too expensive route, so the individual route has been desided to take. But still some key management or at least distribution is needed. Question is: how should the public keys be distributed to the world? 1) Upload them all to the web-server? 2) Upload the "master" key to the web-server and then just have everybody email their keys to 3rd parties (who can verify the keys as they are signed with the master)? 3) Set up a own key server using SUSE obviously? 4) Just upload all the keys to some public key sever? Which? What would you recommend? -- HG.
Hi, I would probably upload all public keys to pgp.mit.edu, or set up a own pgp server for internal use. -- Best regards Kim Johansen - WebDeal AS Linux Systems Administrator Teknologiveien 22 - 2815 Gjøvik - NORWAY Phone: +47 61 13 16 50 - ICQ: 262860894 E-mail: kim@webdeal.no - URL: www.webdealhosting.com --------------------------------- Affordable Enterprise Services --------------------------------- HG wrote:
Hello!
A small company of 25-35 people needs to set up PGP for everybody. The server solution that is offered by PGP corp is too expensive route, so the individual route has been desided to take. But still some key management or at least distribution is needed.
Question is: how should the public keys be distributed to the world? 1) Upload them all to the web-server? 2) Upload the "master" key to the web-server and then just have everybody email their keys to 3rd parties (who can verify the keys as they are signed with the master)? 3) Set up a own key server using SUSE obviously? 4) Just upload all the keys to some public key sever? Which?
What would you recommend?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Friday 2006-09-08 at 16:45 +0300, HG wrote:
3) Set up a own key server using SUSE obviously?
Yes. But I don't know how to do that.
4) Just upload all the keys to some public key sever? Which?
Any one, keys propagate through servers, they are interconnected. P.S. I just had a look at "Keyserver.net http://www.keyserver.net" which redirected to "veridis", which mentions it is "Powered by FileCrypt OpenPGP KeyServer © 2005-2006 Veridis s.a.". It should be a question of finding that software. It is not in the distro, or I didn't search for it properly. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFFAX19tTMYHG2NR9URAjA8AJ4oGjZDYmghARZQHzB+TxYLUAzgTwCfX0PT ivmODG/wVod2scPNnEVan8Q= =2Iwa -----END PGP SIGNATURE-----
Hi,
A small company of 25-35 people needs to set up PGP for everybody. The server solution that is offered by PGP corp is too expensive route, so the individual route has been desided to take. But still some key management or at least distribution is needed.
i haven't tested yet, but maybe ... http://www.g10code.de/ Greetings, Sebastian -- Mit freundlichen Grüßen, | ICA - Dr. Uhlig | Tel.: +49 3303 503341 Sebastian Uhlig | Brieseallee 39 | Fax: +49 3303 503343 | 16547 Birkenwerder | Internet: www.ica-net.de
participants (4)
-
Carlos E. R.
-
HG
-
Kim Johansen - WebDeal AS
-
Sebastian Uhlig - ICA