Mailing List Archive: GnuPG: users

Corporate use of gnupg

 

 



texaskilt at yahoo

Feb 6, 2008, 11:35 AM

Post #1 of 22
Corporate use of gnupg

Apologies if this has already been asked. Honestly, I did my homework and
looked in the archives!

I am wanting to set up users to use GnuPG for encrypting email, mainly for
internal e-mail.

Unfortunately, the "powers-that-be" want everyone that encrypts an email to
also encrypt it to the "corporate secret key". Their reasoning is that if a
person leaves, they want to have access to the old emails in case there is a
"business critical" email in there.

Is there a way to "force" users to encrypt to a corporate key, in addition
to the recipient's key?

Thanks,

TK


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


dshaw at jabberwocky

Feb 10, 2008, 11:57 AM

Post #2 of 22
Re: Corporate use of gnupg

On Wed, Feb 06, 2008 at 11:35:14AM -0800, Texaskilt wrote:
>
> Apologies if this has already been asked. Honestly, I did my homework and
> looked in the archives!
>
> I am wanting to set up users to use GnuPG for encrypting email, mainly for
> internal e-mail.
>
> Unfortunately, the "powers-that-be" want everyone that encrypts an email to
> also encrypt it to the "corporate secret key". Their reasoning is that if a
> person leaves, they want to have access to the old emails in case there is a
> "business critical" email in there.

This is essentially the rationale behind the "ADK" (additional
decryption key) feature of PGP.

> Is there a way to "force" users to encrypt to a corporate key, in addition
> to the recipient's key?

It depends on how strong the term "force" is. Even in PGP, the ADK
system can be circumvented if the person tries hard enough.

If you trust your employees to not hack you, then you can just stick a
"encrypt-to (the keyid)" in everyone's gpg.conf file and give everyone
a copy of the corporate public key.

Note that this isn't safe because of the crypto math. It's "safe"
because you can fire people that don't do it ;)

David



gnupg at ethen

Feb 13, 2008, 12:30 PM

Post #3 of 22
Re: Corporate use of gnupg

And what do they want to do with the received emails? The only possibility I
see is to put everyone's private keys and passwords into a safe - then you
can decrypt sent and received mail later.

> Apologies if this has already been asked. Honestly, I did my homework and
> looked in the archives!
>
> I am wanting to set up users to use GnuPG for encrypting email, mainly
> for internal e-mail.
>
> Unfortunately, the "powers-that-be" want everyone that encrypts an email to
> also encrypt it to the "corporate secret key". Their reasoning is that if
> a person leaves, they want to have access to the old emails in case there
> is a "business critical" email in there.
>
> Is there a way to "force" users to encrypt to a corporate key, in addition
> to the recipient's key?
>
> Thanks,
>
> TK



rjh at sixdemonbag

Feb 13, 2008, 9:24 PM

Post #4 of 22
Re: Corporate use of gnupg

Quoting gnupg [at] ethen:
> And what do they want to do with the received emails? The only possibility I
> see is to put everyone's private keys and passwords into a safe - then you
> can decrypt sent and received mail later.

Same problem exists with PGP's ADK feature, which should really be
named an ARR, for Additional Recipient Request. While ADK usage can
be enforced within the ADK-using group (mostly: there are some
caveats), emails from outside the group going in to the group are
under no such restrictions.




max.allan at nbs

Feb 14, 2008, 3:09 AM

Post #5 of 22
RE: Corporate use of gnupg

You're cracking the wrong nut. We've concluded: you can't force everyone to ensure their email is decryptable.
So the solution is to make sure they don't get encrypted email.

Use GPG at a gateway level and deny any internal mail that can't be decrypted. This is the way PGPU can work. All internal users'
keys are stored on the PGPU server, users don't need to know their passwords or anything about their keys. The server decrypts or
encrypts as required. All traffic on your local network is in the clear.

We used to have a TFS server doing something similar using GPG. (you need to buy TFS, I don't know if there is a free solution out
there)

Of course if your encryption policy is designed to prevent colleagues reading each other's email, then this doesn't work. But if
people can access each other's mailboxes, you've got a different problem (with file permissions)!

If it's too many people with root/administrator accounts being able to read everyone's mail that is causing the fear, then move the mail server to a
new, more secure box where only one person has the password (probably you should have sudo or similar set up so you can do admin
tasks).

Max

> -----Original Message-----
> From: gnupg-users-bounces [at] gnupg
> [mailto:gnupg-users-bounces [at] gnupg] On Behalf Of Robert J. Hansen
> Sent: 14 February 2008 05:24
> To: gnupg-users [at] gnupg
> Subject: Re: Corporate use of gnupg
>
> Quoting gnupg [at] ethen:
> > And what do they want to do with the received emails? The only
> > possibility I see is to put everyone's private keys and
> > passwords into
> > a safe - then you can decrypt sent and received mail later.
>
> Same problem exists with PGP's ADK feature, which should
> really be named an ARR, for Additional Recipient Request.
> While ADK usage can be enforced within the ADK-using group
> (mostly: there are some caveats), emails from outside the
> group going in to the group are under no such restrictions.
>
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>
>


texaskilt at yahoo

Feb 15, 2008, 7:00 PM

Post #6 of 22
Re: Corporate use of gnupg

I guess what we are wanting is for every mail user to have their own
public/private key. This way they can encrypt their own email on the
corporate system.

In addition, every email would also be encrypted using the "corporate key"
that would be in the hands of a select few (supposedly).

For example, the sales force can send encrypted mail to each other, but when
a salesperson leaves the company, the Email Admin can retrieve and decrypt
the email so that the salesperson's replacement can pick up their accounts
without too much disruption.

Looks like this is ADK. Is there any way to do this on gpg?

Thanks,

TK

David Shaw wrote:
>
> On Wed, Feb 06, 2008 at 11:35:14AM -0800, Texaskilt wrote:
>>
>> Apologies if this has already been asked. Honestly, I did my homework
>> and
>> looked in the archives!
>>
>> I am wanting to set up users to use GnuPG for encrypting email, mainly
>> for
>> internal e-mail.
>>
>> Unfortunately, the "powers-that-be" want everyone that encrypts an email
>> to
>> also encrypt it to the "corporate secret key". Their reasoning is that
>> if a
>> person leaves, they want to have access to the old emails in case there
>> is a
>> "business critical" email in there.
>
> This is essentially the rationale behind the "ADK" (additional
> decryption key) feature of PGP.
>
>> Is there a way to "force" users to encrypt to a corporate key, in
>> addition
>> to the recipient's key?
>
> It depends on how strong the term "force" is. Even in PGP, the ADK
> system can be circumvented if the person tries hard enough.
>
> If you trust your employees to not hack you, then you can just stick a
> "encrypt-to (the keyid)" in everyone's gpg.conf file and give everyone
> a copy of the corporate public key.
>
> Note that this isn't safe because of the crypto math. It's "safe"
> because you can fire people that don't do it ;)
>
> David
>




nicholas.cole at gmail

Feb 19, 2008, 4:28 AM

Post #7 of 22
Re: Corporate use of gnupg

On Sat, Feb 16, 2008 at 3:00 AM, Texaskilt <texaskilt [at] yahoo> wrote:
>
> Looks like this is ADK. Is there any way to do this on gpg?

GPG does not implement ADK. I think that, historically, it seemed too
much like the kind of key escrow systems that governments have from
time to time talked about wanting, although clearly there is a
difference.

I know that ADK can be circumvented by a determined attacker, but it
strikes me as a useful feature, and I have never quite understood the
opposition to it. It would have made encryption more palatable in
corporate settings, which surely would have been a good thing!

But I'm not an expert, and I'm probably missing a point somewhere...



david at miradoiro

Feb 19, 2008, 5:23 AM

Post #8 of 22
Re: Corporate use of gnupg

> I know that ADK can be circumvented by a determined attacker, but it
> strikes me as a useful feature, and I have never quite understood the
> opposition to it. It would have made encryption more palatable in
> corporate settings, which surely would have been a good thing!

IMO there are two possibilities: 1) your users are forgetful but honest, 2)
your users are dishonest.

For case 1, an equivalent of ADK can be obtained with a line on GPG's
configuration file.

For case 2, you are screwed, and ADK is only going to give you a false sense
of security.

Thus ADK is either pointless or unnecessary.

--David.




rjh at sixdemonbag

Feb 19, 2008, 5:25 AM

Post #9 of 22
Re: Corporate use of gnupg

Nicholas Cole wrote:
> I know that ADK can be circumvented by a determined attacker, but it
> strikes me as a useful feature, and I have never quite understood the
> opposition to it.

PGP Corporation has a patent on ADKs. That's the number one reason why
the other OpenPGP implementations do not support it.





dshaw at jabberwocky

Feb 19, 2008, 5:33 AM

Post #10 of 22
Re: Corporate use of gnupg

On Fri, Feb 15, 2008 at 07:00:12PM -0800, Texaskilt wrote:
>
> I guess what we are wanting is for every mail user to have their own
> public/private key. This way they can encrypt their own email on the
> corporate system.
>
> In addition, every email would also be encrypted using the "corporate key"
> that would be in the hands of a select few (supposedly).
>
> For example, the sales force can send encrypted mail to each other, but when
> a salesperson leaves the company, the Email Admin can retrieve and decrypt
> the email so that the salesperson's replacement can pick up their accounts
> without too much disruption.
>
> Looks like this is ADK. Is there any way to do this on gpg?

Yes. Put "encrypt-to (the-adk-key)" in everyone's gpg.conf.

Of course, they could turn around and take it right out again. Unless
you have pretty tight control over the environment, ADKs or
encrypt-tos are not foolproof (and that applies to both PGP and GPG).

As I said before, note that this isn't safe because of the crypto
math. It's "safe" because you can fire people who don't do it.

David



hardeeps at hcl

Feb 19, 2008, 5:39 AM

Post #11 of 22
RE: Corporate use of gnupg

Hi All

Isn't it pretty easy to have a script on the server (try to) decrypt each
email? If the email decrypts, fine; else don't allow the email to go
through. That will force people to retain the option in the conf file if
they want their message to reach.

Regards
Hardeep Singh
http://www.SeeingWithC.org/


-----Original Message-----
From: gnupg-users-bounces [at] gnupg
[mailto:gnupg-users-bounces [at] gnupg] On Behalf Of David Shaw
Sent: Tuesday, February 19, 2008 7:04 PM
To: gnupg-users [at] gnupg
Subject: Re: Corporate use of gnupg

On Fri, Feb 15, 2008 at 07:00:12PM -0800, Texaskilt wrote:
>
> I guess what we are wanting is for every mail user to have their own
> public/private key. This way they can encrypt their own email on the
> corporate system.
>
> In addition, every email would also be encrypted using the "corporate
> key" that would be in the hands of a select few (supposedly).
>
> For example, the sales force can send encrypted mail to each other,
> but when a salesperson leaves the company, the Email Admin can
> retrieve and decrypt the email so that the salesperson's replacement
> can pick up their accounts without too much disruption.
>
> Looks like this is ADK. Is there any way to do this on gpg?

Yes. Put "encrypt-to (the-adk-key)" in everyone's gpg.conf.

Of course, they could turn around and take it right out again. Unless
you have pretty tight control over the environment, ADKs or encrypt-tos
are not foolproof (and that applies to both PGP and GPG).

As I said before, note that this isn't safe because of the crypto math.
It's "safe" because you can fire people who don't do it.

David



email at sven-radde

Feb 19, 2008, 5:57 AM

Post #12 of 22
Re: Corporate use of gnupg

David Shaw wrote:
>> Looks like this is ADK. Is there any way to do this on gpg?
>>
> Yes. Put "encrypt-to (the-adk-key)" in everyone's gpg.conf.

I thought that ADKs would work whenever encrypting to a key with that
feature enabled (i.e. also for incoming emails)? I.e. it is per-key and
not a per-user setting?
Of course, for outgoing mail you'd still need the additional encrypt-to
(unless you regularly encrypt to your own key which would have the ADK).

Furthermore, PGP has this fascinating key-splitting options that allow
you to distribute shares of a secret key to a group and define how many
shares would be necessary to conduct secret-key operations. There, you
would actually have "the math" ensuring that the boss can read the email.
This would allow advanced schemes like: "Either the original owner alone
or the boss in cooperation with the company's notary public can decrypt
mail."
Or, leaving ADK-related use-cases aside, "3 of 5 board members are
required to approve an order by digitally signing it."

It seems that GnuPG has no capability to ensure decrypt-ability for
incoming encrypted data, apart from outright key-escrow.

It has been a while since I was last using the commercial PGPs, and I
could remember falsely.
So, feel free to correct me if I'm wrong (in particular, I have no idea
whether these features are still present in recent (freeware) versions).

cu, Sven



nicholas.cole at gmail

Feb 19, 2008, 6:19 AM

Post #13 of 22
Re: Corporate use of gnupg

Just to address the original point of the thread, though, could you
not use sub-keys to achieve most of the effect you want?

Have everyone share an encryption/decryption subkey, but have their
own separate signing keys. The disadvantage would be that anyone in
the group (i.e. not just an administrator or the like) could decrypt
anyone else's email - but in many settings that might be acceptable or
even advantageous.

Best,

N



nicholas.cole at gmail

Feb 19, 2008, 6:54 AM

Post #14 of 22
Re: Corporate use of gnupg

On Tue, Feb 19, 2008 at 1:23 PM, David Picón Álvarez
<david [at] miradoiro> wrote:
> > I know that ADK can be circumvented by a determined attacker, but it
> > strikes me as a useful feature, and I have never quite understood the
> > opposition to it. It would have made encryption more palatable in
> > corporate settings, which surely would have been a good thing!
>
> IMO there are two possibilities: 1) your users are forgetful but honest, 2)
> your users are dishonest.
>
> For case 1, an equivalent of ADK can be obtained with a line on GPG's
> configuration file.
>
> For case 2, you are screwed, and ADK is only going to give you a false sense
> of security.
>
> Thus ADK is either pointless or unnecessary.

This just simply isn't true.

Putting a line in a config file may be fine for internal mail, but
does nothing to help you to be able to decrypt mail sent from outside
your organisation. It also locks everyone into using gpg - I thought
the whole point of gpg / openpgp was to be inter-operative.

Secondly, there might be any number of reasons why a user might not be
able to give you access to a key. He might be incompetent, he might
be unexpectedly ill or worse. And so on, and so forth.

But my real point is this: gpg in most areas says "This is a tool.
Your threat models will vary, and we give you a tool which you can
deploy". But in the area of ADK, even when for years people have said
on this list and elsewhere, "ADK would help with the
threat/organizational model we have", GPG refuses to help. "alter
your config file" solves (at best) half of the problem.

There may be very good technical reasons why ADKs are a bad idea, but
I've never seen them explained. There was, I know, an attack on PGP
which relied upon them a while ago, but IIRC that bug was easily
fixed.

Best wishes,

N



wk at gnupg

Feb 19, 2008, 9:21 AM

Post #15 of 22
Re: Corporate use of gnupg

On Tue, 19 Feb 2008 14:25, rjh [at] sixdemonbag said:

> PGP Corporation has a patent on ADKs. That's the number one reason
> why the other OpenPGP implementations do not support it.

Frankly, I did not know about this patent until now.

I consider the ADK the wrong solution to a problem which can't be solved
by a tool.

The assumed threat model is that an encrypted mail is received by an
employee and then other employees are not able to read this mail. In
particular if the original recipient is on vacation or not anymore with
the company. Or well, he willfully keeps that (company) mail private.
The latter case is actually identical to snail mail: How do you assure
that all mail to a company really reaches the company and not just one
person? The internal post office opens the envelope, stamps it,
sometimes makes a copy and then distributes it to the actual recipient.
Problem solved. Also solves the problem of keeping archives of all
business mail (which is a legal requirement in Germany).

You can and need to do the same with email: Either use a central gateway
or create pool keys for the employees. It is merely an organisational
matter that an employee does not use his private key for business tasks.
And if he does anyway, it is the same as with snail mail: The address on
the envelope is marked "private" and not to be opened by the company.

We won't add ARR (aka ADK) to GnuPG. It would be more useful to add a
re-encode feature to add another public or symmetric key for decryption.
A mail framework may then use this to enforce a mail policy.


Salam-Shalom,

Werner


--
Thoughts are free. Exceptions are regulated by a federal law.




aolsen at standard

Feb 19, 2008, 9:38 AM

Post #16 of 22
RE: Corporate use of gnupg


>From: Nicholas Cole
>Sent: Tuesday, February 19, 2008 6:54 AM
>To: gnupg-users [at] gnupg
>Subject: Re: Corporate use of gnupg


>On Tue, Feb 19, 2008 at 1:23 PM, David Picón Álvarez <david [at] miradoiro> wrote:
>> > I know that ADK can be circumvented by a determined attacker, but it
>> > strikes me as a useful feature, and I have never quite understood the
>> > opposition to it. It would have made encryption more palatable in
>> > corporate settings, which surely would have been a good thing!
>>
>> IMO there are two possibilities: 1) your users are forgetful but
>> honest, 2) your users are dishonest.
>>
>> For case 1, an equivalent of ADK can be obtained with a line on GPG's
>> configuration file.
>>
>> For case 2, you are screwed, and ADK is only going to give you a
>> false sense of security.
>>
>> Thus ADK is either pointless or unnecessary.

>This just simply isn't true.

>Putting a line in a config file may be fine for internal mail, but does
>nothing to help you to be able to decrypt mail sent from outside your
>organisation. It also locks everyone into using gpg - I thought the whole
>point of gpg / openpgp was to be inter-operative.

>Secondly, there might be any number of reasons why a user might not be
>able to give you access to a key. He might be incompetent, he might be
>unexpectedly ill or worse. And so on, and so forth.

>But my real point is this: gpg in most areas says "This is a tool. Your
>threat models will vary, and we give you a tool which you can deploy".
>But in the area of ADK, even when for years people have said on this list
>and elsewhere, "ADK would help with the threat/organizational model we
>have", GPG refuses to help. "alter your config file" solves (at best)
>half of the problem.

>There may be very good technical reasons why ADKs are a bad idea, but
>I've never seen them explained. There was, I know, an attack on PGP which
>relied upon them a while ago, but IIRC that bug was easily fixed.

Someone else brought up the issue of the technique being patented. (Seems like a pretty obvious idea, but so are most software patents.)

In a corporate setting, you really just want key escrow. Have an "official" company signing key. When new employees come on board, they are issued a PGP/GPG key that is signed and the secret key data is copied to non-volatile media and stored in a safe. It is only available under restricted circumstances (to prevent managers from exploiting the keys for their own gain). It also gives some authenticity to the key by having some sort of web of trust internally. Something like this takes manpower and time to manage, but so does managing employee keycards and other authorization data.

Not that I have ever seen a company that does this. Even companies that make heavy use of encryption do not seem to have anyone at a management level that understands how it needs to be managed.




rjh at sixdemonbag

Feb 19, 2008, 9:54 AM

Post #17 of 22
Re: Corporate use of gnupg

Werner Koch wrote:
> Frankly, I did not knew about this patent until now.

US Patent 6314190, for those who want to check it out.

> I consider the ADK the wrong solution to a problem which can't be solved
> by a tool.

Mostly agreed.

> We won't add ARR (aka ADK) to GnuPG. It would be more useful to add a
> re-encode feature to add another public or symmetric key for decryption.

The patent language on #6314190 is sufficiently broad that it would
arguably cover this, too, depending on how it's implemented.




vedaal at hush

Feb 19, 2008, 12:55 PM

Post #18 of 22
Re: Corporate use of gnupg

>> We won't add ARR (aka ADK) to GnuPG. It would be more useful to add a
>> re-encode feature to add another public or symmetric key for decryption.
>
> The patent language on #6314190 is sufficiently broad that it would
> arguably cover this, too, depending on how it's implemented.


a simple corporate solution,
is for the company to generate a gnupg keypair for each employee,
have the employee change the passphrase as desired,
and have the employees generate their own separate signing keys
(not subkeys)

then the company can simply inform all employees that any and all
encrypted mail sent or received by the company must have a
recipient key id that is on the company's 'accepted' list of
employee encryption keys, or the corporate mail filter will discard
it

this way, the employees are responsible for their own signatures,
which cannot be forged by the company, and are aware that the
company can read all company related e-mail,
and no patents are even remotely infringed upon

employees who really want to deceive the company, can send
encrypted files another way, (cdrw truecrypt containers by snail
mail, using gnupg on private home computers etc.), and there is no
simple solution to stop it.


vedaal

any ads or links below this message are added by hushmail without
my endorsement or awareness of the nature of the link

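Hardeep's gateway script (refuse mail the server cannot decrypt) and vedaal's mail filter (discard mail whose recipient key IDs are not on the company's accepted list) both come down to inspecting the encrypted-session-key packets at the front of an OpenPGP message. The following is an added example, not from the thread and not GnuPG's own code: a Python filter that parses those packets directly and applies the policy, so the gateway never needs a private key to decide. It also serves as the check for David Shaw's encrypt-to advice, since it reports whether the corporate key is actually among the recipients of a given message. The corporate key ID, the accepted list and the sample packets are constructed placeholders, and the MPI inside each sample packet is dummy data. A caveat the thread does not mention: gpg's --throw-keyids and --hidden-recipient options replace the key ID with all zeros, so a message carrying such a packet is treated as non-compliant because the filter cannot tell who can read it.

```python
"""Recipient-policy filter for OpenPGP messages (added example, not GnuPG's code).
Reads the encrypted-session-key packets that precede the encrypted data
(RFC 4880 sections 4.2, 5.1, 5.3) and applies the thread's policy: every
recipient key ID is on the accepted list and the corporate key is among them.
"""
import base64

PKESK, SKESK, SED, SEIPD = 1, 3, 9, 18      # packet tags (RFC 4880, 4.3)
WILDCARD = "0000000000000000"               # key ID used for hidden recipients

def dearmor(data: bytes) -> bytes:
    """Accept binary or ASCII-armored input and return the binary packets."""
    if not data.lstrip().startswith(b"-----BEGIN PGP"):
        return data
    b64, state = [], "before"
    for line in data.decode("ascii", errors="replace").splitlines():
        if state == "before" and line.startswith("-----BEGIN PGP"):
            state = "headers"               # armor headers run to a blank line
        elif state == "headers" and line.strip() == "":
            state = "body"
        elif state == "body":
            if line.startswith("=") or line.startswith("-----END"):
                break                       # "=XXXX" is the CRC-24 line
            b64.append(line.strip())
    return base64.b64decode("".join(b64))

def packets(data: bytes):
    """Yield (tag, body) pairs, stopping after the encrypted-data packet."""
    i = 0
    while i < len(data):
        hdr = data[i]
        i += 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                      # new-format header
            tag, first = hdr & 0x3F, data[i]
            i += 1
            if first < 192:
                length = first
            elif first < 224:
                length = ((first - 192) << 8) + data[i] + 192
                i += 1
            elif first == 255:
                length = int.from_bytes(data[i:i + 4], "big")
                i += 4
            else:                           # partial length: only the data
                length = len(data) - i      # packet uses it, and we stop there
        else:                               # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:                  # indeterminate: rest of input
                length = len(data) - i
            else:
                n = (1, 2, 4)[ltype]
                length = int.from_bytes(data[i:i + n], "big")
                i += n
        yield tag, data[i:i + length]
        i += length
        if tag in (SED, SEIPD):
            return                          # ESK packets all precede the data

def recipients(message: bytes):
    """Return (recipient key IDs, whether a passphrase session key is present)."""
    key_ids, symmetric = [], False
    for tag, body in packets(dearmor(message)):
        if tag == PKESK:
            if body[0] != 3:
                raise ValueError("unsupported PKESK version %d" % body[0])
            key_ids.append(body[1:9].hex().upper())   # version byte, 8-byte key ID
        elif tag == SKESK:
            symmetric = True
    return key_ids, symmetric

def check_policy(message: bytes, accepted, corporate: str):
    """Return (compliant, reason) for one message under the gateway policy."""
    ids, symmetric = recipients(message)
    if not ids and not symmetric:
        return False, "no encrypted session key found"
    if symmetric:
        return False, "passphrase-encrypted session key present"
    if WILDCARD in ids:
        return False, "hidden recipient (--throw-keyids) cannot be checked"
    unknown = [k for k in ids if k not in accepted]
    if unknown:
        return False, "recipient not on accepted list: " + ", ".join(unknown)
    if corporate not in ids:
        return False, "corporate key is not a recipient"
    return True, "ok"

# Constructed sample data (placeholder key IDs, not real keys).
CORPORATE_KEY = "0123456789ABCDEF"
ACCEPTED = {CORPORATE_KEY, "1111222233334444", "5555666677778888"}
SAMPLE_DATA = b"\xd2\x05\x01ABCD"           # new-format SEIPD packet, dummy body

def build_pkesk(key_id_hex: str) -> bytes:
    """Minimal v3 PKESK with an old-format header; the MPI is a placeholder."""
    body = b"\x03" + bytes.fromhex(key_id_hex) + b"\x01" + b"\x00\x10\xab\xcd"
    return bytes([0x84, len(body)]) + body

def armor(binary: bytes) -> bytes:
    """ASCII-armor sample packets; the CRC line is a placeholder."""
    return (b"-----BEGIN PGP MESSAGE-----\nVersion: sample\n\n"
            + base64.b64encode(binary) + b"\n=0000\n-----END PGP MESSAGE-----\n")

if __name__ == "__main__":
    msg = build_pkesk("1111222233334444") + build_pkesk(CORPORATE_KEY) + SAMPLE_DATA
    print(check_policy(armor(msg), ACCEPTED, CORPORATE_KEY))   # (True, 'ok')
    print(check_policy(build_pkesk("1111222233334444") + SAMPLE_DATA,
                       ACCEPTED, CORPORATE_KEY))                # corporate key missing
```

In a real deployment the gateway would feed each outgoing or incoming message body to check_policy and bounce anything that returns False; because the filter only reads packet headers, it works the same for messages produced by any OpenPGP implementation, which answers Nicholas's interoperability concern for the internal-mail case, though it still says nothing about mail that leaves the organisation.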


rjh at sixdemonbag

Feb 19, 2008, 1:14 PM

Post #19 of 22
Re: Corporate use of gnupg

vedaal [at] hush wrote:
> a simple corporate solution,

Again, check the patent and then check with a patent lawyer. The patent
language is suitably broad that this sort of thing might be construed by
a court to fall under the patent.

Technical fixes to provide ADK-like functionality are well and good, but
if you aren't looking at the patent and creating this new technology
with an eye towards avoiding the patent, you're playing the legal
version of Russian roulette.

If you want ADK-like functionality, you have two real choices:

(a) buy a commercial PGP product,
(b) spend $200/hr on a patent attorney to make sure your
solution doesn't infringe.

Of course, all this is null and void if you live in a jurisdiction where
software cannot be patented.





vedaal at hush

Feb 19, 2008, 1:54 PM

Post #20 of 22
Re: Corporate use of gnupg

On Tue, 19 Feb 2008 16:14:55 -0500 "Robert J. Hansen"
<rjh [at] sixdemonbag> wrote:

> Technical fixes to provide ADK-like functionality are well and good, but
> if you aren't looking at the patent and creating this new technology
> with an eye towards avoiding the patent, you're playing the legal
> version of Russian roulette.


there is no 'technical fix'

the company is simply keeping its own copy of a keypair that it
generates for an employee,
just as it would hold onto a copy of the physical key it generates
for the lock on the employee's office door

that said,
it's always a good idea to consult with the legal people
before any such solutions are implemented

it just seemed reasonable enough and inexpensive enough,
to suggest it to any companies that need it,
and leave the legal follow-up to them

the more companies that adopt a gnupg/pgp solution,
the more that employees will become familiar with encryption,
and are likely to begin to use it privately on their own


vedaal

any ads or links below this message are added by hushmail without
my endorsement or awareness of the nature of the link



yalla at fsfe

Feb 26, 2008, 9:42 AM

Post #21 of 22
Re: Corporate use of gnupg


Andrew Berg wrote:
> Alexander W. Janssen wrote:
>> Or chown() the gnupg.conf to some other user. Not sure if gpg will read
>> the file then though.
> If the user has read access (and gpg is being run with that user's
> privileges of course), why wouldn't it?

I don't know :-) I didn't try it and it might be some
security-feature... Like "if the effective UID doesn't match the owner
of ~/.gnupg/gnupg.conf, don't start".

But as I said: Didn't try it. Was just thinking of possibilities.

Alex.






bahamut at digital-signal

Feb 26, 2008, 10:15 AM

Post #22 of 22
Re: Corporate use of gnupg

Robert J. Hansen wrote:
> Andrew Berg wrote:
>
>> Well, /I/ could've told you that. Don't tell me you never figured that
>> out on your own.
>>
> Unless your day job involves being intimately involved in IP
> transactions (not just writing code), you could have _speculated_ on
> that.
Although I would not bet my life on that, I don't agree that
"speculated" is the right word. I have a bit more confidence in it
than that.

> There's a big difference between what you believe to be true,
> what you think to be true, what you know to be true, and what you can
> prove to be true.

Agreed.

> When dealing with actual dollars and cents, it pays off in the long run
> to pay the money required to get opinions from people who can prove the
> correctness of their assertions. This is true whether you're talking
> about information security, law, medicine, or just about anything else.

I would agree that when there are real, serious negative consequences
involved, one cannot always afford to rely on assumptions, assertions, etc.
