[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: shutdown of and

From: Wiktor Kwapisiewicz
Subject: Re: shutdown of and
Date: Wed, 23 Jun 2021 08:29:04 +0200

Hi Gunnar,

> Hagrid is IMO a no-go: in order to solve the greatest shortcomings of
> SKS, it drops one of OpenPGP's greatest features: the Web of
> Trust. Yes, for many, the WoT is an anachronistic holdout... But many
> among us still believe in it.
> (...)
> (For full disclosure: I recently joined a PhD program, and my study
> subject is how to keep the decentralized properties of the WoT network
> while at the same time being able to counter the attacks we have seen
> on it).

You may be interested in this Merge Request:

In short this is about adding Attested Certifications support to
Hagrid. Attested Certifications are third-party signatures that are
"approved" by the key owner. This makes it easy to distinguish real
third-party signatures that the key owner cares for from flooded

Sadly they are not yet supported in GnuPG but adding them to Hagrid may
be a good way to solve the "chicken and egg" problem with this feature.

For technical bits see rfc4880bis section 5.2.1: "0x16  Attested Key Signature"

Kind regards,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]