mirror of
https://github.com/adulau/abstract-key-server.git
synced 2024-12-10 19:07:27 +00:00
Abstract key server (aks) is a minimal PGP key server to support communities
bin | ||
conf | ||
deps | ||
doc/specs | ||
tests/keys | ||
.gitmodules | ||
build.sh | ||
README.md | ||
run-server.sh | ||
start.sh |
abstract-key-server (aks)
Abstract key server (aks) is a minimal PGP key server to support communities. aks is a kind of read-only OpenPGP key server which is updated by some core administrators of a community. Those core administrators can add other trusted aks server to provide lookup of other keys via their server.
This is a work-in-progress to solve specific problems in security and information sharing communities.
Goals
- Minimal parsing of PGP packets (to reduce complexity and software dependencies)
- New keys are added via a specific vetted process (or at the discretion of the aks operator)
- AKS can connect to other trusted list to query unknown keys and there is no reconciliation protocol (by design)
- Standard HKP interface with
add
method disabled - Simple interface to filter out known malicious or rogue PGP keys
- Fast and reliable
- Simple namespace to group keys in a set of known members (e.g. CSIRT, MISP sharing group, organisation)
Requirements
Back-end format (ardb)
key type | key name | values |
---|---|---|
k/v | k:fingerprint | armored PGP key |
set | n:namespace | set of fingerprints |
set | un:uid-name | set of fingerprints |
set | uc:uid-name | set of fingerprints |
set | ue:uid-name | set of fingerprints |
- un -> name in the UID
- uc -> comment in the UID
- ue -> email in the UID