New "validating keyserver" architecture (was: Re: German ct magazine postulates death of pgp encryption)
m.mansfeld at mansfeld-elektronik.de
Sun Mar 1 21:25:06 CET 2015
-----BEGIN PGP SIGNED MESSAGE-----
On 1 Mar 2015 at 17:21, Patrick Brunschwig wrote:
> On 01.03.15 16:38, Kristian Fiskerstrand wrote:
> >>> In general I believe this to be an insufficient form of
> >>> identification that really doesn't provide much of anything
> >>> useful, but at least the PGP keyserver does it reasonably sane in
> >>> its methodology by creating a signature from their CA on the key.
> >>> Whether you put any merit to having such a CA signature or not is
> >>> left up to the user (excluding for now the "fun" related to the
> >>> spammy number of signatures from it)
> >> Yes, I know. The re-confirmation every few months together with
> >> re-signing the keys is among the things I dislike about
> >> keyserver.pgp.com. But in general, I think that keyservers need to
> >> go in that direction if we want to enable easy use of OpenPGP in
> >> email (which requires in some way or another to download missing
> >> keys automatically).
> > You wouldn't need the keyservers to be involved in this at all.
> > Anyone could set up such a mail verification CA outside of the
> > keyserver network.
> Perfectly correct, yes. This is exactly what I'm proposing. I believe
> that the current keyserver network cannot do this. I just don't have
> the time to (also) work on this...
> - -Patrick
I like this idea very much. (I must admit, I did not take notice of
this feature at keyserver.pgp.com, However, I just tried it, but it
refused my whole pubkey because it contains an expired subkey, but
that's not a problem of the concept...).
Uploadingonly with validation by e-mail to all (or at least a
selected one) user-ids like keyserver.pgp.com does would be a really
huge improvement and would address the initial problem about fake
keys which lead the guy at c't to his PGP bashing.
Key distribution between the keyservers same as now, and deleting a
key on all servers (manually or after "Timeout" without confirmation)
should be possible from any of these servers, not just this one the
key was initially uploaded.
And the objective should be to replace or retrofit the current system
of keyservers. Two concurrent systems would not make OpenPGP more
What about crowdfunding such a development?
Matthias Mansfeld Elektronik * Printed Circuit Board Design and
Neithardtstr. 3, D-85540 Haar, GERMANY
Phone: +49-89-4620 0937, Fax: +49-89-4620 0938
Fingerprint: 6563 057D E6B8 9105 1CE4 18D0 4056 1F54 8B59 40EF
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1 - GPGrelay v0.962
-----END PGP SIGNATURE-----
More information about the Gnupg-users