Distribute Verified GPG Keys Easily


Using the WebKeyDirectory to distribute verified GPG keys


Encryption via OpenPGP/GnuPG is something that everyone is talking about, but very few actually use it. One of the reasons is the complicated way to obtain “the Right Key”. The proposed WebKeyDirectory standard is one way of solving that: it lets a client retrieve a person's key from the web server associated with that person's email address. So for an email address foo@example.com, the key for the user foo could be retrieved from the web server example.com.

A way to send keys via email to the respective server has already been described, but wouldn’t it be easier for people to log into their account on the server and just upload their public key via a web form? And then keep the key up-to-date by interacting with keyservers or other means?


The goal would be to create a WebForm that authenticates the user against their mail server (using IMAP or POP3) and then uploads the provided public GPG key to the appropriate place.
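As an added example (not code from this page or from the project), the following Python code shows how the Web Key Directory draft maps an address to its lookup URLs and to the file under the web root that such an upload form would have to write. The function names are assumptions of this example, and the address is a sample value.

```python
import hashlib
import re
from urllib.parse import quote

ZBASE32 = "ybndrfg8ejkmcpqxot1uwisza345h769"  # z-base-32 alphabet
# Strict host-name check: the domain ends up in a URL and (advanced method) a path.
DOMAIN_RE = re.compile(r"^[a-z0-9]([a-z0-9.-]*[a-z0-9])?$")


def zbase32(data: bytes) -> str:
    """Encode bytes as z-base-32, most significant bits first, no padding chars."""
    bits = int.from_bytes(data, "big")
    nbits = len(data) * 8
    pad = (-nbits) % 5  # left-align to a multiple of 5 bits
    bits <<= pad
    return "".join(ZBASE32[(bits >> s) & 31] for s in range(nbits + pad - 5, -1, -5))


def wkd_locations(email: str) -> dict:
    """Return the WKD hash, lookup URLs and web-root path for an address."""
    local, sep, domain = email.rpartition("@")
    domain = domain.lower()
    if not sep or not local or not DOMAIN_RE.match(domain) or ".." in domain:
        raise ValueError("not a usable mail address: %r" % email)
    # Only ASCII letters are lowercased before hashing; bytes.lower() does that.
    digest = hashlib.sha1(local.encode("utf-8").lower()).digest()
    name = zbase32(digest)  # 160-bit digest -> 32 characters
    query = "?l=" + quote(local, safe="")  # original local part, percent-encoded
    return {
        "hash": name,
        "direct_url": f"https://{domain}/.well-known/openpgpkey/hu/{name}{query}",
        "advanced_url": f"https://openpgpkey.{domain}/.well-known/openpgpkey/"
                        f"{domain}/hu/{name}{query}",
        # Relative path an upload form would write the binary public key to.
        "direct_path": f".well-known/openpgpkey/hu/{name}",
    }


if __name__ == "__main__":
    # Sample address, not a real mailbox.
    for key, value in wkd_locations("Joe.Doe@Example.ORG").items():
        print(f"{key}: {value}")
```

Because the file name is derived from a hash and the domain is checked against a strict pattern, nothing the user types into the form reaches the file system path unfiltered.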

A possible extension would be to build a background task that fetches the key from keyservers at regular intervals and updates it whenever there is a newer version with more signatures on it, so that the key in the WebKeyDirectory stays up-to-date and carries as many third-party signatures as possible.


Are you interested in cryptography and secure communication? Want to make sure that your information has not been tampered with? Do you care about the user experience as well as about the technology? Then we’d love to have you at the project to help build a system that can easily be distributed onto a webspace to ease the deployment of public keys!

Hackathon Results


Andreas Heigl helps solve problems at bitExpert, a Mannheim-based software creator. He sometimes even uses code for that.
Besides his family, his work as tribe leader, and contributions to different open-source projects, he still finds the time to speak at conferences, organize Mob-Keysigning events, run PHPUGFFM, the PHP-Usergroup in Frankfurt/Main, and maintain PHP.ug.