diff options
Diffstat (limited to 'doc/todo/decentralized_gpg_web_of_trust_checking.mdwn')
| -rw-r--r-- | doc/todo/decentralized_gpg_web_of_trust_checking.mdwn | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/doc/todo/decentralized_gpg_web_of_trust_checking.mdwn b/doc/todo/decentralized_gpg_web_of_trust_checking.mdwn new file mode 100644 index 0000000..268fad1 --- /dev/null +++ b/doc/todo/decentralized_gpg_web_of_trust_checking.mdwn @@ -0,0 +1,15 @@ +GPG WoT is checked by querying pgp.cs.uu.nl, could use wotsap if it's +locally installed. However, the version of wotsap in debian only supports +short, insecure keyids, so is less secure than using the server. +And, locally running wotsap needs to download the WoT database from +a server anyway, so does not seem to add any security. + +Once we have a WoT path, we could download each gpg key in the path and +verify the path. This would avoid trusting pgp.cs.uu.nl not to be evil. +Not done yet, partly because downloading a lot of gpg keys is expensive. +But also because even if this check were done, bad data in the WoT could +be backed up by real keys on the keyservers. + +The decentralized way is for the user do some key signing, get into the WoT, +and then gpg can tell them if the key is trusted itself. This +already works of course. |