add FAQ page
This commit is contained in:
parent
72227aa08c
commit
7afa00bffc
|
@ -26,10 +26,6 @@ h1 {
|
|||
padding-bottom: 1em;
|
||||
}
|
||||
|
||||
p {
|
||||
padding-bottom: 0.5em;
|
||||
}
|
||||
|
||||
.ui p {
|
||||
line-height: 1.8em;
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{{#> layout }}
|
||||
<div class="about">
|
||||
<center><h2>About | <a href="/about/usage">Usage</a> | <a href="/about/privacy">Privacy Policy</a> | <a href="/about/api">API Docs</a></h2></center>
|
||||
<center><h2>About | <a href="/about/usage">Usage</a> | <a href="/about/faq">FAQ</a> | <a href="/about/privacy">Privacy Policy</a> | <a href="/about/api">API</a></h2></center>
|
||||
|
||||
<p>
|
||||
The <tt>keys.openpgp.org</tt> server is a public service for the
|
||||
|
@ -19,9 +19,10 @@
|
|||
</p>
|
||||
|
||||
<ul>
|
||||
<li><strong>Cryptographic metadata</strong> is all the technical
|
||||
information about the key itself, such as its expiry date, whether
|
||||
it is revoked or not, or how it can be used for encryption.
|
||||
<li><strong>Technical data</strong> is all the technical information
|
||||
about the key itself. This means the large numbers used for
|
||||
cryptographic operations, but also metadata like its expiry date,
|
||||
and whether it is revoked or not.
|
||||
</li>
|
||||
<li><strong>Identity information</strong> includes the parts of
|
||||
a key that identify its owner (known as "User IDs"), in
|
||||
|
@ -36,19 +37,19 @@
|
|||
</p>
|
||||
|
||||
<p>
|
||||
The cryptographic metadata of keys can be freely up- and downloaded on
|
||||
The technical data of keys can be freely up- and downloaded on
|
||||
<span class="brand">keys.openpgp.org</span>. It consists of technical
|
||||
information only, which can't be used to identify its owner. It is
|
||||
important for OpenPGP software to keep this information up to date, in
|
||||
order to maintain secure and reliable communication.
|
||||
information only, which can't be used to identify its owner. However,
|
||||
it is important for OpenPGP software to keep this information up to
|
||||
date, in order to maintain secure and reliable communication.
|
||||
</p>
|
||||
|
||||
<p>
|
||||
The identity information in an OpenPGP key is only distributed with
|
||||
consent. It contains personal data, and is not strictly necessary for
|
||||
a key to be used for encryption or signature verification. Once the
|
||||
owner gives consent by verifying their e-mail address, the key can then
|
||||
be found by others in a search by address.
|
||||
owner gives consent by verifying their e-mail address, the key can
|
||||
be found by everyone via search by address.
|
||||
</p>
|
||||
|
||||
<h3>Community and platform</h3>
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{{#> layout }}
|
||||
<div class="about">
|
||||
<center><h2><a href="/about">About</a> | <a href="/about/usage">Usage</a> | <a href="/about/privacy">Privacy Policy</a> | API Docs</h2></center>
|
||||
<center><h2><a href="/about">About</a> | <a href="/about/usage">Usage</a> | <a href="/about/faq">FAQ</a> | <a href="/about/privacy">Privacy Policy</a> | API</h2></center>
|
||||
|
||||
<p>
|
||||
Hagrid implements both the legacy HKP interface, as well as our
|
||||
|
|
|
@ -0,0 +1,60 @@
|
|||
{{#> layout }}
|
||||
<div class="about">
|
||||
|
||||
<center><h2><a href="/about">About</a> | <a href="/about/usage">Usage</a> | FAQ | <a href="/about/privacy">Privacy Policy</a> | <a href="/about/api">API</a></h2></center>
|
||||
|
||||
<h3>Why not sign keys after verification?</h3>
|
||||
|
||||
The <span class="brand">keys.openpgp.org</span> service is meant for key
|
||||
distribution and discovery, not as a de-facto CA. Client implementations
|
||||
that want to offer verified communication should rely on their own trust
|
||||
model.
|
||||
|
||||
<h3>Why not encrypt verification e-mails?</h3>
|
||||
|
||||
Various reasons:
|
||||
<ol>
|
||||
<li>It is more complicated, both for our users and for us.</li>
|
||||
<li>It doesn't prevent attacks - an attacker gains nothing from
|
||||
uploading a key they don't have access to.</li>
|
||||
<li>Deletion would still have to be possible even when a key is
|
||||
lost.</li>
|
||||
<li>It would require a different (and more complicated) mechanism to
|
||||
upload keys that can only sign.</li>
|
||||
</ol>
|
||||
|
||||
<h3>Is <span class="brand">keys.openpgp.org</span> part of the "SKS" pool?</h3>
|
||||
|
||||
<p>No. The "append-only" federation model of the SKS pool leads to various
|
||||
problems, that make both operation and use of those servers very
|
||||
difficult. There is also no simple way to store information about
|
||||
e-mail verification in a federated way.
|
||||
</p>
|
||||
<p>We do plan to explore options for a distributed service in the future, so
|
||||
users can choose between different service operators again.
|
||||
</p>
|
||||
|
||||
<!--
|
||||
<ul>
|
||||
<li><b>Do not distribute unverified or malicious data</b>
|
||||
<p>Unlike traditional keyservers, <tt>keys.openpgp.org</tt> does not
|
||||
distribute key material that isn't cryptographically verified.
|
||||
This protects keys from unwanted spam, and helps protect the
|
||||
service itself against "denial of service" attacks.
|
||||
</p>
|
||||
<p>We also do not distribute "third-party" signatures on keys. These
|
||||
kinds of signatures were typically used to "sign" the keys of
|
||||
others, in order to support a "Web of Trust" trust model. This
|
||||
model meant that third parties could attach arbitrary spam to
|
||||
any key, but didn't prove itself as a very effective trust model
|
||||
in practice.
|
||||
</p>
|
||||
<p>We are open to alternative approaches that might be implemented
|
||||
in the future, that avoid this issue.
|
||||
</p>
|
||||
</li>
|
||||
</ul>
|
||||
-->
|
||||
|
||||
</div>
|
||||
{{/layout}}
|
|
@ -1,7 +1,7 @@
|
|||
{{#> layout }}
|
||||
<div class="about">
|
||||
|
||||
<center><h2><a href="/about">About</a> | <a href="/about/usage">Usage</a> | Privacy Policy | <a href="/about/api">API Docs</a></h2></center>
|
||||
<center><h2><a href="/about">About</a> | <a href="/about/usage">Usage</a> | <a href="/about/faq">FAQ</a> | Privacy Policy | <a href="/about/api">API</a></h2></center>
|
||||
|
||||
<p style="text-align: left;">
|
||||
The public keyserver running on keys.openpgp.org processes, stores and
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{{#> layout }}
|
||||
<div class="about usage">
|
||||
<center><h2><a href="/about">About</a> | Usage | <a href="/about/privacy">Privacy Policy</a> | <a href="/about/api">API Docs</a></h2></center>
|
||||
<center><h2><a href="/about">About</a> | Usage | <a href="/about/faq">FAQ</a> | <a href="/about/privacy">Privacy Policy</a> | <a href="/about/api">API</a></h2></center>
|
||||
|
||||
<p>
|
||||
On this page, we collect information on how to use
|
||||
|
|
|
@ -274,6 +274,11 @@ fn about() -> Template {
|
|||
Template::render("about/about", templates::General::default())
|
||||
}
|
||||
|
||||
#[get("/about/faq")]
|
||||
fn faq() -> Template {
|
||||
Template::render("about/faq", templates::General::default())
|
||||
}
|
||||
|
||||
#[get("/about/usage")]
|
||||
fn usage() -> Template {
|
||||
Template::render("about/usage", templates::General::default())
|
||||
|
@ -300,6 +305,7 @@ fn rocket_factory(rocket: rocket::Rocket) -> Result<rocket::Rocket> {
|
|||
about,
|
||||
privacy,
|
||||
apidoc,
|
||||
faq,
|
||||
usage,
|
||||
files,
|
||||
// VKSv1
|
||||
|
|
Loading…
Reference in New Issue