KOLANICH Posted August 28, 2014 Report Share Posted August 28, 2014 In BEPs it is suggested to use x.509 certificates. But let's not forget that there are another types certificates: OpenPGP ones. I think they should also be supported. A person who checks a certificate should have an openpgp-compatible program on pc with cli and a public key imported and trusted. if it doesnt, public key could be retrieved from keyserver and trust level could be automatically assigned using set of trusted certificates on user's pc.in the case of using openpgp the certificate field described in bep35 should contain a fingerprint of public key and signature field should contain openpgp signature. Everything is binary, not ascii-armored.The checking procedure is the same, but openpgp verification should be performed. To do this, for example, a needed binary containing the data to check could be piped to gpg.exe or another openpgp-compatible program. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.