Hi Konstantin, On Fri Jun 14, 2019 at 11:19 AM Konstantin Ryabitsev wrote: > 1. implement the regular --send-key --recv-key api
This is already implemented. > 2. when accepting a --send-key, check to make sure at least one of the > uid's matches an allow-list of identities (for example, from a dump of > all authors/committers in linux.git) I guess this could be implemented as a white-list of e-mails. I hope you don't mind but I've mentioned this use-case on their issue tracker: https://gitlab.com/hagrid-keyserver/hagrid/issues/55#note_181698023 > 3. perform email verification using the matching identity from #2 If filtering would be implemented this would also work as is. > 4. store all key data without stripping out 3rd-party signatures As far as I understood the Hagrid keyserver developers they're not against 3rd-party signatures per se, just don't like the idea of anyone appending data to keys. The answer on the FAQ seems quite open: https://keys.openpgp.org/about/faq#third-party-signatures > I guess it would be easy enough to hack that into hagrid, but that would > mean a hard fork and I'd avoid that at all costs. I think it would be useful to bring it to Hagrid developers (either on the issue tracker, via e-mail or #hagrid on IRC). From my experience they're listening to feedback :) Have a nice evening! Kind regards, Wiktor -- https://metacode.biz/@wiktor _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
