The admins should also sign the generated OpenPGP key, so that
non-admins members can rely on the Web of Trust instead of the usual CA
model. (Both are compatible, by the way.) See
[[http://web.monkeysphere.info/]].