1
0
Fork 0
mirror of https://gitlab.com/hagrid-keyserver/hagrid.git synced 2023-02-13 20:55:02 -05:00
hagrid-keyserver--hagrid/dist/templates/about/faq.html.hbs

181 lines
7 KiB
Handlebars
Raw Normal View History

2019-06-04 18:11:38 -04:00
{{#> layout }}
<div class="about">
2019-06-26 19:54:09 -04:00
<center><h2><a href="/about">About</a> | <a href="/about/news">News</a> | <a href="/about/usage">Usage</a> | FAQ | <a href="/about/stats">Stats</a> | <a href="/about/privacy">Privacy</a></h2></center>
2019-06-04 18:11:38 -04:00
2019-06-10 14:28:37 -04:00
<h3 id="no-sign-verified"><a href="#no-sign-verified">Why not sign keys
after verification?</a></h3>
2019-06-04 18:11:38 -04:00
The <span class="brand">keys.openpgp.org</span> service is meant for key
distribution and discovery, not as a de-facto CA. Client implementations
that want to offer verified communication should rely on their own trust
model.
2019-06-10 14:28:37 -04:00
<h3 id="non-email-uids"><a href="#non-email-uids">Why is there no support
2019-06-10 15:51:19 -04:00
for identities that aren't e-mail addresses?</a></h3>
2019-06-10 14:28:37 -04:00
<p>
We require explicit consent to distribute identity information.
Identities that aren't e-mail addresses, such as pictures or addresses,
offer no simple way for us to acquire this consent.
</p>
<p>
Note: Some OpenPGP software creates keys with incorrectly formatted
e-mail addresses. These addresses might not be recognized correctly on
<span class="brand">keys.openpgp.org</span>.
</p>
2019-06-13 08:02:59 -04:00
<h3 id="third-party-signatures"><a href="#third-party-signatures">
Do you distribute "third party signatures"?</a></h3>
<p>
Short answer: No.
</p>
<p>
A "third party signature" is a signature on a key
that was made by some other key.
Most commonly,
those are the signatures produced when "signing someone's key",
which are the basis for
the "<a href="https://en.wikipedia.org/wiki/Web_of_trust" target="_blank">Web of Trust</a>".
For a number of reasons,
those signatures are not currently distributed
via <span class="brand">keys.openpgp.org</span>.
</p>
<p>
The killer reason is <strong>spam</strong>.
Third party signatures allow attaching arbitrary data to anyone's key,
and nothing stops a malicious user from
attaching so many megabytes of bloat to a key
that it becomes practically unusable.
Even worse,
they could attach offensive or illegal content.
</p>
<p>
There are ideas to resolve this issue.
For example, signatures could be distributed with the signer,
rather than the signee.
Alternatively, we could require
cross-signing by the signee before distribution
to support a
<a href="https://wiki.debian.org/caff" target="_blank">caff-style</a>
workflow.
If there is enough interest,
we are open to working with other OpenPGP projects
on a solution.
</p>
2019-06-10 15:51:19 -04:00
<h3 id="revoked-uids"><a href="#revoked-uids">Why are revoked identities not
distributed as such?</a></h3>
<p>
When an OpenPGP key marks one of its identities as revoked, this
identity should no longer be considered valid for the key. And this
information should ideally be distributed to all OpenPGP clients that
already know about the newly revoked identity.
</p>
<p>
Unfortunately, there is currently no good way to distribute revocations,
that doesn't also reveal the revoked identity itself. We don't want to
distribute revoked identities, so we can't distribute the identity at
all.
</p>
<p>
There are proposed solutions to this issue, that allow the distribution
of revocations without also revealing the identity itself. But so far
there is no final specification, or support in any OpenPGP software. We
hope that a solution will be established in the near future, and will
add support on <span class="brand">keys.openpgp.org</span> as soon as
we can.
</p>
2019-06-10 14:28:37 -04:00
2019-06-11 04:13:31 -04:00
<h3 id="tor"><a href="#tor">Do you support Tor?</a></h3>
<p>
Of course!
If you have Tor installed,
you can reach <span class="brand">keys.openpgp.org</span> anonymously
as an
<a href="https://en.wikipedia.org/wiki/Tor_(anonymity_network)#Onion_services" target="_blank">onion service</a>:
<br />
<a href="http://zkaan2xfbuxia2wpf7ofnkbz6r5zdbbvxbunvp5g2iebopbfc4iqmbad.onion">zkaan2xfbuxia2wpf7ofnkbz6r5zdbbvxbunvp5g2iebopbfc4iqmbad.onion</a>
2019-06-11 04:13:31 -04:00
</p>
2019-06-10 14:28:37 -04:00
<h3 id="encrypt-verification-emails"><a href="#encrypt-verification-emails">
Why not encrypt verification e-mails?</a></h3>
2019-06-04 18:11:38 -04:00
Various reasons:
<ol>
<li>It is more complicated, both for our users and for us.</li>
<li>It doesn't prevent attacks - an attacker gains nothing from
uploading a key they don't have access to.</li>
<li>Deletion would still have to be possible even when a key is
lost.</li>
<li>It would require a different (and more complicated) mechanism to
upload keys that can only sign.</li>
</ol>
2019-07-02 06:07:28 -04:00
<h3 id="sks-pool"><a href="#sks-pool">Is this server part of the "SKS" pool?</a></h3>
2019-06-04 18:11:38 -04:00
2019-07-02 06:07:28 -04:00
<p>
No. The federation model of the SKS pool has various problems in terms
of reliability, abuse-resistance, privacy, and usability. We might do
something similar to it, but <span class="brand">keys.openpgp.org</span>
will never be part of the SKS pool itself.
2019-06-04 18:11:38 -04:00
</p>
2019-07-02 06:07:28 -04:00
<h3 id="federation"><a href="#federation">Is keys.openpgp.org federated? Can I help by running an instance?</a></h3>
<p>
For the moment, no.
We do plan to decentralize <span class="brand">keys.openpgp.org</span>
at some point.
With multiple servers
run by independent operators,
we can further improve the reliability
of this service.
2019-06-04 18:11:38 -04:00
</p>
2019-07-02 06:07:28 -04:00
<p>
Several folks offered to help out
by "running a Hagrid server instance".
We very much appreciate the offer,
but we will probably never have an "open" federation model like SKS,
where everyone can run an instance and become part of a "pool".
This is for two reasons:
</p>
<ol>
<li>
Federation with open participation requires all data to be public.
This significantly impacts the privacy of our users, because it
allows anyone to scrape a list of all e-mail addresses.
</li>
<li>
Servers run as a hobby by casual administrators do not meet our
standards for reliability and performance.
</li>
</ol>
<h3 id="older-gnupg"><a href="#older-gnupg">
2019-07-02 06:07:28 -04:00
I have trouble updating some keys with GnuPG. Is there a bug?
</a></h3>
<p>
This is a problem with current versions of GnuPG. If you attempt to
update a key from <span class="brand">keys.openpgp.org</span> that
contains no <a href="/about">identity information</a>, GnuPG will refuse
to process the key:
</p>
<blockquote>
$ gpg --receive-keys A2604867523C7ED8<br />
gpg: key A2604867523C7ED8: no user ID
</blockquote>
<p>
We are working with the GnuPG team to resolve this problem.
</p>
2019-06-04 18:11:38 -04:00
</div>
{{/layout}}