File Share Encryption

  • 1.  Verify organization key

    Posted Dec 06, 2014 09:07 AM

    Hi

    For internal Symantec Encryption Desktop users all SEMS SKMS keys are marked verified on the client, but when we share the public key to an external user it shows as not verified, even if we include the public part of the organization key. I'm guessing it is because the organization key is not signed and verified?

    How do I sign the Organization key so it is trusted by users outside our organization? The organization key we use was automatically created during installation.

     

    Torb



  • 2.  RE: Verify organization key

    Posted Dec 08, 2014 04:08 PM

    One of the basic premises of PGP encryption is that you receive a key from someone you know is a valid entity, then you verify that key by signing it and setting trust.  That ensures that a key is not automatically trusted, which is a security precaution.

    The party you sent the key to is responsible for verifying the key to make sure it came from a valid source (confirm that it is your key by checking the fingerprint with you, etc.), and then trusting that key appropriately.  Internal keys are verified because the internal users will see that their organization's keyserver issued and signed the keys.

    There is no method for having a key automatically be trusted by an external user.  This is by design.  There is no need to sign your organization key.

     



  • 3.  RE: Verify organization key

    Posted Dec 08, 2014 05:25 PM

    Oki. I was just guessing since all keys uploaded to keyserver.pgp.com were automatically trusted. There was some way to do the same with an organization's keyserver if we got the organization key trusted by the WOT:


    But this is not possible?