If I want to include a reference to my public PGP key on Atlas using the ContactInfo field on my relays, what's the best way to do it? Should I upload my key to some of the public keyservers and then list the fingerprint on Atlas? If so which keyservers are recommended?
I had a thought to publish it on my relay's DirPort (using DirPortFrontPage and a simple html doc containing the public key). Then I could just provide a link to the DirPort in ContactInfo.
Is there a better way to do this?
On Dec 7, 2016 1:28 AM, "Univibe" <univibe@protonmail.com> wrote:
> If I want to include a reference to my public PGP key on Atlas using the ContactInfo field on my relays, what's the best way to do it? Should I upload my key to some of the public keyservers and then list the fingerprint on Atlas?
Yes. I use the MIT Keyserver at http://pgp.mit.edu
> If so which keyservers are recommended?
> I had a thought to publish it on my relay's DirPort (using DirPortFrontPage and a simple html doc containing the public key). Then I could just provide a link to the DirPort in ContactInfo.
It's better to just use a fingerprint. I don't know how efficient or useful that would be. It is also not necessary.
> Is there a better way to do this?
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> > I had a thought to publish it on my relay's DirPort (using DirPortFrontPage and a simple html doc containing the public key). Then I could just provide a link to the DirPort in ContactInfo.
> It's better to just use a fingerprint. I don't know how efficient or useful that would be. It is also not necessary.
Okay. Thanks Jason for your reply. I was just thinking about how PGP key exchange seems to frustrate most people and wondering if it would make sense to skip the middleman (keyservers) in this case. Having the public key published directly by the relay establishes trust. There would be no question that the PGP key belongs to the relay operator. However since it's an odd implementation, it might just add confusion instead of making things easier. It sounds like the convention is to just list your fingerprint, so I'll do that. Thanks!
On 8 Dec. 2016, at 06:40, Univibe <univibe@protonmail.com> wrote:
> > > I had a thought to publish it on my relay's DirPort (using DirPortFrontPage and a simple html doc containing the public key). Then I could just provide a link to the DirPort in ContactInfo.
> > It's better to just use a fingerprint. I don't know how efficient or useful that would be. It is also not necessary.
> Okay. Thanks Jason for your reply. I was just thinking about how PGP key exchange seems to frustrate most people and wondering if it would make sense to skip the middleman (keyservers) in this case. Having the public key published directly by the relay establishes trust. There would be no question that the PGP key belongs to the relay operator.
Unfortunately, the DirPortFrontPage is not authenticated: it is plain HTTP. But the descriptor with the ContactInfo is signed with your relay key.
> However since it's an odd implementation, it might just add confusion instead of making things easier. It sounds like the convention is to just list your fingerprint, so I'll do that. Thanks!
Yes, this is what people typically do. Thanks!
T
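The check the thread converges on, as an added example that is not part of the original messages: read the fingerprint from the `contact` line of a relay's signed descriptor and compare it with the fingerprint of a key fetched from a keyserver. The function names and the sample descriptor are hypothetical, and the sketch assumes the descriptor came from a source that already validated its signature and that the key's fingerprint is copied from `gpg --fingerprint` output.

```python
import re

# Constructed sample: part of a relay server descriptor. The nickname, address
# and fingerprint are made up for illustration.
SAMPLE_DESCRIPTOR = """\
router ExampleRelay 192.0.2.10 9001 0 9030
contact Example Operator <operator AT example DOT org> PGP 0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4567
"""

# A full v4 OpenPGP fingerprint: 40 hex digits, optionally "0x"-prefixed and
# optionally printed in groups of four. Shorter key IDs do not match.
_FPR = re.compile(
    r"(?<![0-9A-Za-z])(?:0x)?([0-9A-Fa-f]{4}(?: *[0-9A-Fa-f]{4}){9})(?![0-9A-Fa-f])"
)


def contact_line(descriptor):
    """Return the text of the descriptor's 'contact' line, or None."""
    for line in descriptor.splitlines():
        if line.startswith("contact "):
            return line[len("contact "):].strip()
    return None


def fingerprint_from_contact(contact):
    """Extract a full 40-hex-digit fingerprint from ContactInfo text, or None."""
    m = _FPR.search(contact or "")
    return m.group(1).replace(" ", "").upper() if m else None


def key_matches_contact(descriptor, key_fingerprint):
    """True if the fetched key's fingerprint equals the one in the descriptor."""
    listed = fingerprint_from_contact(contact_line(descriptor))
    fetched = fingerprint_from_contact(key_fingerprint)  # same normalisation
    return listed is not None and listed == fetched


if __name__ == "__main__":
    print(fingerprint_from_contact(contact_line(SAMPLE_DESCRIPTOR)))
    print(key_matches_contact(SAMPLE_DESCRIPTOR,
                              "0x0123456789abcdef0123456789abcdef01234567"))
```

A ContactInfo that lists only a short or long key ID yields `None` here, so the comparison fails rather than trusting a truncated identifier.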