Proposal of OpenPGP Email Validation

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Tue Jul 28 20:22:29 CEST 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Tuesday 28 July 2015 at 8:22:23 AM, in
<mid:87y4i0n3v4.wl-neal at walfield.org>, Neal H. Walfield wrote:



> Did you consider user a proof-of-work scheme?  For
> instance, the user does a 1 week PoW, signs the result
> and attackes it to the key.  These would be refreshed
> about once a year.

Would this one-week PoW pause when the user shuts down and continue
when they boot it up? There are plenty of email users who do not leave
their computer running all the time.



> This eliminates the verification servers and the
> problems associated with them (namely, people need to
> trust them and there can't be too many of them).

It also eliminates any attempt to to establish a link between the key
and the email address in the UID.


> gpg (or the email clients) don't need to know about
> special verification keys / signatures.  They just
> check the proof of work and sort the returned keys
> appropriately.

Instead of one special signature notation type, we have another that
will be much larger?

- --
Best regards

MFPA                  <mailto:2014-667rhzu3dc-lists-groups at riseup.net>

Censor: a man who knows more than he thinks you ought to.
-----BEGIN PGP SIGNATURE-----

iQF8BAEBCgBmBQJVt8hrXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2
QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwdtMIAJ4a4kL/C5dskGgWJqh16q6J
0FBX9GNSzuu3UZr7NVzBo3Lf5Ed7uxdKdb9FEjTsUEOG/awy87KYYMKaj9wT2UtY
o9ObVXJ68W/JH9dT9v+07Serco88uVbRAh3wbMe10HIJfxVw3AG1FvejdkVfEU9Z
rwmnr0OgRvDTXXFF8P9LwHwCyvbCe/lsACeisqCDyTosQMlwWYEvLgY66VKumlRQ
HtTss2jy6lqSinFWEvOiNM20310zL5BjJGGzve9sAgB3Bn3zlp6Gb0x9FXK02Qh4
/aJosyeHEqNssRHMRveWefzXzjlLVGI/O4JSQ4zOJxsQrxE6Hrr/G6QM5ONLl/iI
vgQBFgoAZgUCVbfIcF8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx
MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45F7XAPwMjqC88bZ7Ij+Gsu6QQZPZ54ph
Mlg8RLj4MuQRN8A6xgEAwJ447hyipEnIRvkVIJKZJo3p1FcYQ1oxn4YNYfUUPgk=
=lk5K
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list