Validating Sign Only Gpg Keys

Registered by James Henstridge on 2005-10-13

The current system for claiming GPG keys relies on the ability to encrypt an email to the user with that key, as a way to prove that they have the secret key and can use it to decrypt the message.

This process fails if the key can't be used for encryption (i.e. can only be used for signing). A separate verification procedure would be needed to handle such keys.

Blueprint information

Status:
Complete
Approver:
Christian Reis
Priority:
Medium
Drafter:
None
Direction:
Needs approval
Assignee:
James Henstridge
Definition:
Approved
Series goal:
None
Implementation:
Implemented
Milestone target:
None
Started by
James Henstridge on 2006-08-16
Completed by
James Henstridge on 2006-08-16

Related branches

Sprints

Whiteboard

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.