This article details how to add an additional decryption key (ADK) to a PGP key.
An additional decryption key (ADK) is a key generally used by security officers of an organization to decrypt messages that have been sent to or from employees within the organization.
Messages encrypted by a key with an ADK are encrypted to the public key of the recipient and to the ADK, which means the holder of the ADK can also decrypt the message.
Note: ADKs are rarely used or needed outside of a PGP Universal Server-managed environment. Although your PGP administrator should not ordinarily need to use the additional decryption keys, there may be circumstances when it is necessary to recover someone's email, for example, if someone is injured and out of work for some time, or if email records are subpoenaed by a law enforcement agency and the corporation must decrypt mail as evidence for a court case.
You can only modify ADKs on your keypairs.
Adding an ADK to a Keypair
To add an ADK
Note: If you add an ADK to your key, then those who send you encrypted email must be able to access the public key portion of the ADK.
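
The behavior described above (a message is encrypted to the recipient's public key and to the ADK, so senders need the ADK's public key) can be checked on a message itself. The following Python sketch is an added example, not part of the original article or of any PGP product: it walks the packets of a binary (unarmored) OpenPGP message per RFC 4880 and lists the key IDs of its version 3 session-key packets. The key IDs, helper names and sample messages are constructed for illustration.

```python
PKESK_TAG = 1  # Public-Key Encrypted Session Key packet (RFC 4880, section 5.1)

def read_header(data, pos):
    """Return (tag, body_start, body_len); body_len is None if partial/indeterminate."""
    first = data[pos]
    if not first & 0x80:
        raise ValueError(f"no OpenPGP packet header at offset {pos}")
    if first & 0x40:  # new-format header: tag in bits 5-0
        tag, o1 = first & 0x3F, data[pos + 1]
        if o1 < 192:
            return tag, pos + 2, o1
        if o1 < 224:
            return tag, pos + 3, ((o1 - 192) << 8) + data[pos + 2] + 192
        if o1 == 255:
            return tag, pos + 6, int.from_bytes(data[pos + 2:pos + 6], "big")
        return tag, pos + 2, None  # partial body length (streamed data packet)
    tag, ltype = (first >> 2) & 0x0F, first & 0x03  # old-format header
    if ltype == 3:
        return tag, pos + 1, None  # indeterminate length
    width = (1, 2, 4)[ltype]
    return tag, pos + 1 + width, int.from_bytes(data[pos + 1:pos + 1 + width], "big")

def pkesk_key_ids(data):
    """Key IDs (hex) of every version 3 PKESK packet, in message order."""
    ids, pos = [], 0
    while pos < len(data):
        tag, start, length = read_header(data, pos)
        if length is None:
            break  # encrypted data packet reached; PKESK packets precede it
        body = data[start:start + length]
        if tag == PKESK_TAG and len(body) >= 10 and body[0] == 3:
            ids.append(body[1:9].hex().upper())  # version octet, then 8-octet key ID
        pos = start + length
    return ids

def missing_recipients(data, expected_ids):
    """Expected key IDs (e.g. the ADK's) that the message is not encrypted to."""
    found = set(pkesk_key_ids(data))
    return [k for k in expected_ids if k.upper() not in found]

# Constructed sample: hypothetical key IDs and dummy session-key bytes.
RECIPIENT_ID, ADK_ID = "1111111111111111", "AAAAAAAAAAAAAAAA"
def make_pkesk(key_id, old_format=False):
    body = bytes([3]) + bytes.fromhex(key_id) + bytes([1]) + b"\x00\x08\xaa"
    return bytes([0x84 if old_format else 0xC1, len(body)]) + body

DATA_PACKET = bytes([0xD2, 5, 1]) + b"\x00" * 4  # tag 18 with a dummy body
WITH_ADK = make_pkesk(RECIPIENT_ID) + make_pkesk(ADK_ID, old_format=True) + DATA_PACKET
WITHOUT_ADK = make_pkesk(RECIPIENT_ID) + DATA_PACKET
```

A session-key packet carries the ID of the key that wrapped the session key, which is normally an encryption subkey, so compare against that ID rather than the primary key's. A sender that hides recipients writes an all-zero key ID, which this check reports as missing.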