get OpenPGP pubkeys authenticated using German personal ID
Alexander Leidinger
Alexander at leidinger.net
Thu Jun 1 13:23:36 CEST 2023
Quoting Bernhard Reiter <bernhard at intevation.de> (from Wed, 31 May
2023 16:55:05 +0200):
> https://pgp.governikus.de/?lang=EN
>
> """
> Governikus provides the online service for authenticating your OpenPGP key on
> behalf of the German Federal Office for Information Security (BSI). This
> online service compares the name read from your ID card, your electronic
> residence permit or eID card for citizens of the European Union with the name
> specified in your OpenPGP key. If the names match, your public key is
> electronically signed by Governikus, confirming the match.
> """
>
> interesting, kind of cool.
>
> Obviously they cannot authenticate the email address
> so once I have a common name, we get collisions?
The signature is send to the email listed in the key. In case you
share a name with someone which has a PGP key and you sign this key,
the person(s) with access to that email account will get the signature.
Bye,
Alexander.
--
http://www.Leidinger.net Alexander at Leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org netchild at FreeBSD.org : PGP 0x8F31830F9F2772BF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 851 bytes
Desc: Digitale PGP-Signatur
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20230601/81e5e7ef/attachment.sig>
More information about the Gnupg-users
mailing list