Encryption Management Server Verified Directory optionally allows internal users to submit PGP keys.
An internal user is a user whose key contains an email address in a domain that is listed under Consumers / Managed Domains in Encryption Management Server. For example, if the user's key has an email address of [email protected] and example.com is listed under Consumers / Managed Domains, that user is regarded as an internal user.
Verified Directory only stores public keys. If a private key is uploaded, only the public key is saved.
If an internal user submits their key with the same key ID as the key already associated with their account, the user's existing private key is replaced with the uploaded public key.
This applies to Symantec Encryption Management Server 3.3.2 MP13 and above with the Verified Directory service enabled.
To avoid internal users effectively overwriting their own private keys, do one of the following: