PGP: Shared (e.g. corporate) keys?
 

Is there a safe way to have the members of an organization or department share a private PGP key? I don't mind the trouble of setting up PGP keys for each user, but the decision may not be mine.

I see no problem. Just create a key pair with some group e-mail address as identifier and import both private and public keys into each person's keyring. They will be able to encrypt and decrypt all files with this key pair.

Yeah that's pretty much what we were planning on doing. I haven't done this before really, so I wanted to see if anyone had any comments. We probably won't share an email address, but as long as we use the same ID or specify the same private key for signing, I figure we'll be alright. If anyone knows differently, please let me know.

Thanks!

It would work.
What would this PGP key pair be used to?
Would it be used to sign software releases or anything like that, or would it just be used to sign mails?
If it is to be used as mail signing I would prefer one key per user/employee.