Re: [openpgp] OpenPGP private certification [was: Re: Manifesto - who is the new OpenPGP for?]

2015-03-28 14:24:49
On Sat, Mar 28, 2015 at 11:56 AM, Daniel Kahn Gillmor
<dkg@fifthhorseman.net> wrote:
> On Thu 2015-03-26 15:58:57 -0500, Phillip Hallam-Baker wrote:
>> Yep, I don't actually rate a keysignature as being worth anything
>> until it is enrolled in a TRANS like log.
>
> I think this perspective is dangerous to privacy, if we want to be able
> to support non-public certifications.
>
> I often certify people's keys publicly (or i make OpenPGP certifications
> and send them to the subject and let them decide whether to publish them
> or not).  But i also think it's important to be able to make a
> non-logged, non-public "letter of introduction", to be handed off when
> needed.  OpenPGPv4 already supports this in the form of non-exportable
> signatures.  The UI/UX for this is abysmal in most clients today (anyone
> with UI/UX cycles to spare who wants some brainstorming ideas about how
> to improve this, please talk to me), but it would be a real shame to
> change the protocol in such a way to rule this technique out completely.
>
> Parties who are globally relied-upon (e.g. the X.509 CAs that everyone
> implicitly "trusts") should definitely be publicly logged.
>
> But not everyone who certifies is in (or should be in) that position;
> some of these relationships are private, and we should not force people
> to publish them.

By that I mean fixed in time. I agree that it does not need to be
public. Only the hash needs to be enrolled.
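The "only the hash needs to be enrolled" idea above, as an added example that is not code from this thread or from any OpenPGP implementation: a small append-only Merkle log in the RFC 6962 shape that stores the SHA-256 of each certification, hands back an inclusion proof, and lets a verifier check that a commitment was fixed in the log without ever seeing the (non-exportable) certification itself. The certification bytes are constructed placeholders, not real OpenPGP packets, and the log, proof and verification functions are assumptions of this example rather than anything the thread specifies.

```python
import hashlib

def _leaf(data: bytes) -> bytes:
    # RFC 6962-style domain separation: leaf and interior hashes differ.
    return hashlib.sha256(b"\x00" + data).digest()

def _node(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def _split(n: int) -> int:
    # Largest power of two strictly less than n (RFC 6962 tree shape), n >= 2.
    return 1 << ((n - 1).bit_length() - 1)

def merkle_root(leaves: list) -> bytes:
    if len(leaves) == 1:
        return leaves[0]
    k = _split(len(leaves))
    return _node(merkle_root(leaves[:k]), merkle_root(leaves[k:]))

def inclusion_proof(leaves: list, index: int) -> list:
    # Sibling hashes from leaf to root, tagged with the side each sits on.
    if len(leaves) == 1:
        return []
    k = _split(len(leaves))
    if index < k:
        return inclusion_proof(leaves[:k], index) + [("R", merkle_root(leaves[k:]))]
    return inclusion_proof(leaves[k:], index - k) + [("L", merkle_root(leaves[:k]))]

def verify_inclusion(commitment: bytes, proof: list, root: bytes) -> bool:
    # The verifier needs only the commitment (a hash), never the certification.
    h = _leaf(commitment)
    for side, sibling in proof:
        h = _node(h, sibling) if side == "R" else _node(sibling, h)
    return h == root

class HashLog:
    """Append-only log that stores only the hash of each certification."""
    def __init__(self):
        self.leaves = []
    def enroll(self, certification: bytes) -> tuple:
        # Only the hash is enrolled; the certification itself stays private.
        commitment = hashlib.sha256(certification).digest()
        self.leaves.append(_leaf(commitment))
        return len(self.leaves) - 1, commitment
    def root(self) -> bytes:
        return merkle_root(self.leaves)
    def proof(self, index: int) -> list:
        return inclusion_proof(self.leaves, index)
```

The subject keeps the certification and can later reveal it to a relying party, who recomputes the commitment and checks the proof against the published root; the log operator and the public only ever learn a hash.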

