> On Aug 15, 2019, at 3:33 PM, Werner Koch <w...@gnupg.org> wrote:
>
> On Thu, 15 Aug 2019 00:02, gnupg-users@gnupg.org said:
>
>> But at least then we will want to add cryptography to see which
>> selfsigs are truly legitimate, right?
>
> That would be the first and most important step to get the keyservers
> back for the WoT
Actually, I think hockeypuck might be validating selfsigs already:
https://github.com/hockeypuck/openpgp/blob/v1/pubkey.go
when it calls CheckSig().
(It isn’t that hard to install and loads most of the SKS keydump keys, but you
do need PostgreSQL and then to sync with SKS to get the remaining (malformed)
keys that apparently didn’t get imported from the dump.)
Sent from my iPad
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
