[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] how to distribute pgp public key?
> On 8 Dec. 2016, at 06:40, Univibe <univibe@xxxxxxxxxxxxxx> wrote:
>
> >> I had a thought to publish it on my relay's DirPort (using DirPortFrontPage
> >> and a simple html doc containing the public key). Then I could just provide a
> >> link to the DirPort in ContactInfo.
>
> > It's better to just use a fingerprint. I don't know how efficient or useful
> > that would be. It is also not necessary.
>
> Okay. Thanks Jason for your reply. I was just thinking about how PGP key exchange seems to frustrate most people and wondering if it would make sense to skip the middleman (keyservers) in this case. Having the public key published directly by the relay establishes trust. There would be no question that the PGP key belongs to the relay operator.
Unfortunately, the DirPortFrontPage is not authenticated: it is plain HTTP.
But the descriptor with the ContactInfo is signed with your relay key.
> However since it's an odd implementation, it might just add confusion instead of making things easier. It sounds like the convention is to just list your fingerprint, so I'll do that. Thanks!
Yes, this is what people typically do. Thanks!
T
--
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays