Request for Discussion: new/PubKeyDistributionConcept/FallbackServer
bernhard at intevation.de
Tue Jun 14 14:47:16 CEST 2016
Am Dienstag, 14. Juni 2016 14:25:20 schrieb Neal H. Walfield:
> Before I comment: what an MSP?
MSP: mail service provider
(I've just taken the abbreviation from the wiki page.
It makes sense to read it first anyway.)
> What does "significantly add to `validity level' mean?
Getting a pubkey from a MSP operated WKD should add a medium amount
to the level of "how much do I believe that this pubkey belongs
the owner of the email address that I am looking for".
Medium because it will have to be a lot more than the contribution I get from
having communicated with pubkey A and user U once or a couple of time.
Only medium because other sources of validity will be necessary to detect
malicious behaviour, so they must be able to get over medium for these
This mainly documents my mental model how a good and secure user experience
can be constructed in the future. I know that Werner's model is different.
We need a way to get this exposed and talked about.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 473 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-devel