What I meant is that you do not need to add the PIN into the GAL because the users will get the PIN when they do a lookup. They can then add that user to the address book.
If your server is down then lookup will fail I beleive. In that case, having user's PIN would be usefull. I agree with the rest of your comments