Request for Discussion: new/PubKeyDistributionConcept/FallbackServer
Neal H. Walfield
neal at walfield.org
Tue Jun 14 14:25:20 CEST 2016
On Tue, 14 Jun 2016 11:46:02 +0200,
Bernhard Reiter wrote:
> during the EasyGpg contract we are looking for a way
> to find a single OpenPGP pubkey, so we can automate
> sending an encrypted email better.
> Personally my current mindset is:
> a) the msp first approach is a good compromise in order of getting more users.
> It is distinct enough from a central "validating keyserver" framework and
> communication history has a resonable chance to catch attacs by MSPs.
> b) a pubkey from a wkd should significantly add to the "validity" level
> c) having a fallback server is better than not having one, so that many
> people can make the new user experience right away. However we must
> have a good plan moving users pubkeys to the MSPs. This is easier
> if we have more users, because we can use the number and the users to
> approach their MSPs.
Before I comment: what an MSP? What does "significantly add to
`validity level' mean?
More information about the Gnupg-devel