Hi Gunnar, > Hagrid is IMO a no-go: in order to solve the greatest shortcomings of > SKS, it drops one of OpenPGP's greatest features: the Web of > Trust. Yes, for many, the WoT is an anachronistic holdout... But many > among us still believe in it. > > (...) > > (For full disclosure: I recently joined a PhD program, and my study > subject is how to keep the decentralized properties of the WoT network > while at the same time being able to counter the attacks we have seen > on it).
You may be interested in this Merge Request: https://gitlab.com/hagrid-keyserver/hagrid/-/merge_requests/176 In short this is about adding Attested Certifications support to Hagrid. Attested Certifications are third-party signatures that are "approved" by the key owner. This makes it easy to distinguish real third-party signatures that the key owner cares for from flooded signatures. Sadly they are not yet supported in GnuPG but adding them to Hagrid may be a good way to solve the "chicken and egg" problem with this feature. For technical bits see rfc4880bis section 5.2.1: "0x16 Attested Key Signature" https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-rfc4880bis-10#section-5.2.1 Kind regards, Wiktor
