Keyserver/security bug 1447 (and 1446 too)

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Mon Dec 3 13:06:59 CET 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 12/03/2012 04:01 PM, jbar wrote:
> 

...

> I means we could use OpenPGP certificate and Web of Trust to 
> authenticate hkp key servers, either by linking GnuPG and sks with 
> GnuTLS to use the RFC6091 about TLS+OpenPGP [0], or by using the 
> protocol I have quickly draft [1] and began to implement on my own 
> key server thttpgpd/ludd [2].


To have it mentioned; Monkeysphere[0] also has a hkpms keyserver
handler that could be used for a WoT approach[1].

[0] http://web.monkeysphere.info/
[1] http://lists.nongnu.org/archive/html/sks-devel/2012-10/msg00002.html


- -- 
- ----------------------------
Kristian Fiskerstrand
http://www.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Aut dosce, aut disce, aut discede
Either teach, or study, or leave
- ----------------------------
This email was digitally signed using the OpenPGP
standard. If you want to read more about this
The book: Sending Emails - The Safe Way: An
introduction to OpenPGP security is
available in both Amazon Kindle and Paperback
format at
http://www.amazon.com/dp/B006RSG1S4/
- ----------------------------
Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.0-beta100 (GNU/Linux)

iQIcBAEBCAAGBQJQvJXjAAoJEAt/i2Dj7frjiQcQAJwwCrBINau8MiTDLUlfhLVr
5IrNiIHYMgZNEJmtG3jGV0OsyFPWUe1DOV6AT32qpOVidrrsTfdphHCM+VV6w1kw
BFK83KzMulB1Mkx1xGXb77X73w0+sl9S4pxq3et3CuaU0skZkARER3Ht3f20Pjto
KsD9sGZuOp9KyxYLQGcbYe0TORNgz6fkg/P9d835A3NrVP0UTaIaGqkq1834hHOv
FNPZ+W40xR4JFrLmIORk0uyfuxiFlSvW43F/8jSXrATwm/qPyYbhw7G415lLw4Bd
aTbg3W4KpGa+S48hyIg9GQt0Ji5z8PnDq3Npb9wGofw33rheYBSUsTSBnCFyoEex
VysAjKS1nyTbokVgwu/r01rdWuYtMdCZEJh8I+Fihbort839iRfDE2igdIb0FTH+
0BhDqzLBCftJYYJ4/GIplokgIcj3kKY+PmpldBSEobd33Ztre80UEY6uiV281ogG
8s7d6k8XgH5gep332+z8Cv+h/fmqQ/MNon2at2GCwC4U33QRC2gKkGTW3a5pmyPZ
mQ5FEvOJyFXZ3cbw9yhOvgXEHXkhkxvRgd5X+a/rjO4oBhFfwT2wKnaKxfpSkBd7
0JhTDuY8PwFpjl3/Yb11pw7ys5riAV+hh3kn6R/EyxUXS8MVkFTySVkuPoHIA4z0
iZw1uLcxhj3aNkbRHY3Q
=FN9r
-----END PGP SIGNATURE-----

More information about the Gnupg-devel mailing list