Encryption and Identity Verification

From Guardian Project Wiki

Revision as of 19:24, 19 October 2011 (view source) 74.108.158.104 (Talk) ← Older edit		Revision as of 18:01, 20 October 2011 (view source) Hans (Talk | contribs) Newer edit →
Line 15:		Line 15:
	* [http://www.lbs.cs.uni-saarland.de/awot/ Anonymous Web of Trust] prototype lib		* [http://www.lbs.cs.uni-saarland.de/awot/ Anonymous Web of Trust] prototype lib
	* mode for exclusive, p2p syncing of signatures, no uploads to PGP servers		* mode for exclusive, p2p syncing of signatures, no uploads to PGP servers
		+	* gnupg lsign "sign a key locally"

---

Revision as of 18:01, 20 October 2011

Using QR Codes and camera QR code readers, the mobile phone can be the easiest tool for managing PGP signatures for building a web of trust.

APG

limitations

• no method for uploading personal public key
• no method for signing other people's keys
• no method to view signatures on a key

Anonymous Web of Trust

While the PGP public infrastructure is very useful and easy to use, it also provides complete social graphs to the public. For many people, this will put them at high risk, so we should use techniques for an anonymous web of trust. Or at least not making the social graph available to people outside of that social graph.

• Anonymous Web of Trust prototype lib
• mode for exclusive, p2p syncing of signatures, no uploads to PGP servers
• gnupg lsign "sign a key locally"