Archived

This topic is now archived and is closed to further replies.

KOLANICH

Certificates in BEPs

Recommended Posts

In BEPs it is suggested to use x.509 certificates. But let's not forget that there are another types certificates: OpenPGP ones. I think they should also be supported.

 

A person who checks a certificate should have an openpgp-compatible program on pc with cli and a public key imported and trusted. if it doesnt, public key could be retrieved from keyserver and trust level could be automatically assigned using set of trusted certificates on user's pc.

in the case of using openpgp the certificate field described in bep35 should contain a fingerprint of public key and signature field should contain openpgp signature. Everything is binary, not ascii-armored.

The checking procedure is the same, but openpgp verification should be performed. To do this, for example, a needed binary containing the data to check could be piped to gpg.exe or another openpgp-compatible program.

Share this post


Link to post
Share on other sites