Request for Discussion: new/PubKeyDistributionConcept/FallbackServer
bernhard at intevation.de
Tue Jun 14 11:46:02 CEST 2016
during the EasyGpg contract we are looking for a way
to find a single OpenPGP pubkey, so we can automate
sending an encrypted email better.
Feedback is welcome, I like to discuss the ideas
here on gnupg-devel@ and aim to summarize the discussion
on the wiki later.
Am Mittwoch, 4. Mai 2016 17:51:46 schrieb Bernhard Reiter:
> there is a new wiki page which starts to document some of the design
> reasoning behind a proposed new way how to distribute, find
> and (somewhat) validate public OpenPGP keys.
> While it is not complete nor polished,
> you have early access to be able to comment:
I've just renamed the page to
and move the discussion about a fallback server to a subpage
I have not yet included some of the discussion of the WKD from this list,
though the general ideas should be in there.
Personally my current mindset is:
a) the msp first approach is a good compromise in order of getting more users.
It is distinct enough from a central "validating keyserver" framework and
communication history has a resonable chance to catch attacs by MSPs.
b) a pubkey from a wkd should significantly add to the "validity" level
c) having a fallback server is better than not having one, so that many
people can make the new user experience right away. However we must
have a good plan moving users pubkeys to the MSPs. This is easier
if we have more users, because we can use the number and the users to
approach their MSPs.
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 473 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-devel