Proposal of OpenPGP Email Validation
2014-667rhzu3dc-lists-groups at riseup.net
Tue Jul 28 20:22:29 CEST 2015
-----BEGIN PGP SIGNED MESSAGE-----
On Tuesday 28 July 2015 at 8:22:23 AM, in
<mid:87y4i0n3v4.wl-neal at walfield.org>, Neal H. Walfield wrote:
> Did you consider user a proof-of-work scheme? For
> instance, the user does a 1 week PoW, signs the result
> and attackes it to the key. These would be refreshed
> about once a year.
Would this one-week PoW pause when the user shuts down and continue
when they boot it up? There are plenty of email users who do not leave
their computer running all the time.
> This eliminates the verification servers and the
> problems associated with them (namely, people need to
> trust them and there can't be too many of them).
It also eliminates any attempt to to establish a link between the key
and the email address in the UID.
> gpg (or the email clients) don't need to know about
> special verification keys / signatures. They just
> check the proof of work and sort the returned keys
Instead of one special signature notation type, we have another that
will be much larger?
MFPA <mailto:2014-667rhzu3dc-lists-groups at riseup.net>
Censor: a man who knows more than he thinks you ought to.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users