At Wed, 29 Jul 2015 02:30:47 +0100, MFPA wrote: > On Monday 27 July 2015 at 1:15:57 PM, in > <mid:874mkpokxu.wl-n...@walfield.org>, Neal H. Walfield wrote: > > > > Regarding the design: personally, I wouldn't have the > > user follow a link that includes a swiss number, but > > have the user reply to the mail, include the swiss > > number and sign it. > > > Why not simplify the workflow:- > > 1. key reaches validation server. > > 2. for each UID containing an email address, validation server creates > a copy of the key stripped of all other UIDs. > > 3. validation server signs that copy of the key. > > 4. validation server pastes the signed key into an email, encrypts the > email to that key, and sends it to the email address in the UID. > > 5. user receives each email, decrypts it, and updates their local copy of > their key. > > 6. user uploads key now bearing the validation server's signatures to > a keyserver. > > > There is still the same level of assurance that the email address and > private key are controlled by the same entity. Advantages are:- > > a. Nobody is asked to click links or reply to emails. > > b. The validation server does not need to manage a "stack" of keys > awaiting feedback from the validation emails. > > c. Changes to the user's key are uploaded to the keyserver by the > user, not by the validation server.
Personally, I think c is the killer in this plan: people aren't going to bother to upload it (assuming they even get that far)! Neal _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users