Request for Discussion: new/PubKeyDistributionConcept/FallbackServer

Bernhard Reiter bernhard at intevation.de
Tue Jun 14 11:46:02 CEST 2016


Hi,
during the EasyGpg contract we are looking for a way
to find a single OpenPGP pubkey, so we can automate
sending an encrypted email better.

Feedback is welcome, I like to discuss the ideas
here on gnupg-devel@ and aim to summarize the discussion
on the wiki later.

Am Mittwoch, 4. Mai 2016 17:51:46 schrieb Bernhard Reiter:
> there is a new wiki page which starts to document some of the design
> reasoning behind a proposed new way how to distribute, find
> and (somewhat) validate public OpenPGP keys.
>
> While it is not complete nor polished,
> you have early access to be able to comment:

I've just renamed the page to 
  https://wiki.gnupg.org/EasyGpg2016/PubkeyDistributionConcept
and move the discussion about a fallback server to a subpage
  https://wiki.gnupg.org/EasyGpg2016/PubkeyDistributionConcept/FallbackServer

I have not yet included some of the discussion of the WKD from this list,
though the general ideas should be in there. 

Personally my current mindset is:
a) the msp first approach is a good compromise in order of getting more users.
    It is distinct enough from a central "validating keyserver" framework and 
    communication history has a resonable chance to catch attacs by MSPs.
b) a pubkey from a wkd should significantly add to the "validity" level
c) having a fallback server is better than not having one, so that many
    people can make the new user experience right away. However we must
    have a good plan moving users pubkeys to the MSPs. This is easier
    if we have more users, because we can use the number and the users to
    approach their MSPs. 

Best Regards,
Bernhard

-- 
www.intevation.de/~bernhard   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20160614/3ce05706/attachment-0001.sig>


More information about the Gnupg-devel mailing list