Hello!
A small company of 25-35 people needs to set up PGP for everybody. The
server solution that is offered by PGP corp is too expensive route, so
the individual route has been desided to take. But still some key
management or at least distribution is needed.
Question is: how should the public keys be distributed to the world?
1) Upload them all to the web-server?
2) Upload the "master" key to the web-server and then just have
everybody email their keys to 3rd parties (who can verify the keys as
they are signed with the master)?
3) Set up a own key server using SUSE obviously?
4) Just upload all the keys to some public key sever? Which?
What would you recommend?

Hi,
I would probably upload all public keys to pgp.mit.edu, or set up a own
pgp server for internal use.

PGP SIGNED MESSAGE
Hash: SHA1

The Friday 2006-09-08 at 16:45 +0300, HG wrote:

3) Set up a own key server using SUSE obviously?

Yes.

But I don't know how to do that.

4) Just upload all the keys to some public key sever? Which?

Any one, keys propagate through servers, they are interconnected.

P.S. I just had a look at "Keyserver.net <http://www.keyserver.net>" which
redirected to "veridis", which mentions it is "Powered by FileCrypt
PGP KeyServer 2005-2006 Veridis s.a.". It should be a question of
finding that software. It is not in the distro, or I didn't search for it
properly.
- --
Cheers,
Carlos E. R.

PGP SIGNATURE
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Made with pgp4pine 1.76

DG/wVod2scPNnEVan8Q=
=2Iwa
PGP SIGNATURE

Hi,

A small company of 25-35 people needs to set up PGP for everybody. The
server solution that is offered by PGP corp is too expensive route, so
the individual route has been desided to take. But still some key
management or at least distribution is needed.

i haven't tested yet, but maybe http://www.g10code.de/

Greetings,
Sebastian

Hi!

9/8/06, Kim Johansen - WebDeal AS <kim (AT) webdeal (DOT) nowrote:
Hi,

I would probably upload all public keys to pgp.mit.edu, or set up a own
pgp server for internal use.

For internal use I do not think I need a key server, more for the
customers and 3rd parties that need to communicate using encryption.

As somebody said, there doesn't seem to be any PGP servers easily
available for SUSE. So it'll be quite a jub to get it up and running -
if I'll even find one. So, I guess the route will be the public PGP
servers.

I'm thinking of setting up one "company master key" that I'll use to
sign everybody's keys. I think I should upload that key to the key
servers. Right? Anything to consider there? The users can then either
upload their keys or not.

PGP SIGNED MESSAGE
Hash: SHA1

The Sunday 2006-09-10 at 00:47 +0300, HG wrote:

I'm thinking of setting up one "company master key" that I'll use to
sign everybody's keys. I think I should upload that key to the key
servers. Right? Anything to consider there? The users can then either
upload their keys or not.

No, all keys must be uploaded. , you correspondents will not be
able to check the signatures of the employees.
- --
Cheers,
Carlos E. R.

PGP SIGNATURE
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Made with pgp4pine 1.76

LfBURKRF1mp3cICFAFKc9nM=
=cZUp
PGP SIGNATURE

Hi!

9/10/06, Carlos E. R. <robin.listas (AT) telefonica (DOT) netwrote:
No, all keys must be uploaded. , you correspondents will not be
able to check the signatures of the employees.

Last thing, is pgp.mit.edu _the_ place to upload them? does PGP has
it's own servers?

Thanks to all who responded!

Sunday 10 September 2006 00:27, HG wrote:
Hi!

9/10/06, Carlos E. R. <robin.listas (AT) telefonica (DOT) netwrote:
No, all keys must be uploaded. , you correspondents will not be
able to check the signatures of the employees.

Last thing, is pgp.mit.edu _the_ place to upload them? does PGP has
it's own servers?

Thanks to all who responded!

This has been answered before. All the servers talk to each
other. Upload it anywhere and it will be available everywhere.

Sun, Sep 10, 2006 at 11:27:02AM +0300, HG wrote:
Hi!

9/10/06, Carlos E. R. <robin.listas (AT) telefonica (DOT) netwrote:
>No, all keys must be uploaded. , you correspondents will not be
>able to check the signatures of the employees.

Last thing, is pgp.mit.edu _the_ place to upload them? does PGP has
it's own servers?

pgp keyservers are like small town gossips, they all talk to each
other, and to tell one is to tell them all.

PGP SIGNED MESSAGE
Hash: SHA1

The Sunday 2006-09-10 at 04:13 -0500, Paul Elliott wrote:

Last thing, is pgp.mit.edu _the_ place to upload them? does PGP has
it's own servers?

pgp keyservers are like small town gossips, they all talk to each
other, and to tell one is to tell them all.

Right. Just choose one that works fast and reliably.
- --
Cheers,
Carlos E. R.

PGP SIGNATURE
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Made with pgp4pine 1.76

S+qhFQSfZSI=
=GmWx
PGP SIGNATURE

Hi!

9/10/06, John Andersen <jsa (AT) pen (DOT) homeip.netwrote:
Sunday 10 September 2006 00:27, HG wrote:
Hi!

9/10/06, Carlos E. R. <robin.listas (AT) telefonica (DOT) netwrote:
No, all keys must be uploaded. , you correspondents will not be
able to check the signatures of the employees.

Last thing, is pgp.mit.edu _the_ place to upload them? does PGP has
it's own servers?

Thanks to all who responded!

This has been answered before. All the servers talk to each
other. Upload it anywhere and it will be available everywhere.

Sorry, I guess I didn't understand it the first time. Thanks to all
for explaning this though. I hope not to waste more of your time with
this.