recommendation for key servers

Justus Winter justus at sequoia-pgp.org
Sat Jun 26 10:55:00 CEST 2021


Andrew Gallagher via Gnupg-devel <gnupg-devel at gnupg.org> writes:

> Signature attestations will help tackle many of the abuse (and
> functional limitation) issues, if we can get them standardised in a
> future openpgp update (rfc4880tris?).

First-party attested third-party certifications (1pa3pc) as described by
Werner, Vincent, and dkg in RFC4880bis-10 are implemented in DKGPG,
PGPy, and Sequoia.  Command-line frontends for DKGPG and Sequoia can be
used to attest to certifications.

As of Thursday, keys.openpgp.org serves attested third-party
certifications in accordance with the principle of primary key
sovereignty.

I'm happy to answer any questions related to this.

Justus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 519 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20210626/aaea387b/attachment.sig>


More information about the Gnupg-devel mailing list