Restrict key updates to owner
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
hockeypuck | Triaged | Medium | Unassigned |
Bug Description
Similar to the "unlisted key" feature, a user signs a message to Hockeypuck with instructions to only allow updates to that key material from the owner. The owner would then need to add a signed token with each /pks/add request.
We could provide a shell script to make this easier. hkp-key or something to that effect. Or maybe allow a mix of aliases, fingerprints, and HKP servers that are allowed to make updates:
$ hkp-key --allow-updates owner # only I can update my key
# allow me, the owner of this other key I trust, and the SKS pool to update my key
$ hkp-key --allow-updates owner,0xdeadbee
$ hkp-key --allow-updates any # remove update restriction, allow anyone to update
$ hkp-key --allow-updates none # lock my key, until I unlock it?
The same authentication protocol will be used in LP: #1074224. The example hkp-key script could PGP-sign the POST payload and add the detached sig to a custom HTTP header.
hkp-key could be an interesting, useful tool. I could see options like:
$ hkp-key --delete # delete my key from the keyserver
$ hkp-key --allow-search # change search visibility
$ hkp-key --certify-email # Prove to the server I own UID email addresses
$ hkp-key --certify-openid URL # Prove to the server I own this online account
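
An added example, not Hockeypuck's code: one way a server could evaluate the proposed `--allow-updates` values against the signer of a /pks/add request. The `Policy` type, `ParsePolicy` and `Allowed` are hypothetical names, and the code assumes the request's detached signature has already been verified and the signer's fingerprint extracted.

```go
package main

import (
	"fmt"
	"strings"
)

// Policy models a parsed --allow-updates value (hypothetical server-side type).
type Policy struct {
	Any, Owner bool
	Trusted    []string // upper-case hex key IDs or fingerprints, "0x" stripped
}

// ParsePolicy accepts "any", "none", or a comma list of "owner" and 0x-prefixed hex IDs.
func ParsePolicy(s string) (Policy, error) {
	var p Policy
	terms := strings.Split(s, ",")
	for _, t := range terms {
		t = strings.ToUpper(strings.TrimSpace(t))
		hex := strings.TrimPrefix(t, "0X")
		switch {
		case (t == "ANY" || t == "NONE") && len(terms) == 1:
			p.Any = t == "ANY" // "none" leaves every field false: nobody may update
		case t == "OWNER":
			p.Owner = true
		case hex != t && hex != "" && strings.Trim(hex, "0123456789ABCDEF") == "":
			p.Trusted = append(p.Trusted, hex)
		default: // unknown word, bad hex, or any/none mixed with other terms
			return Policy{}, fmt.Errorf("invalid term %q", t)
		}
	}
	return p, nil
}

// Allowed decides an update to the key ownerFP. signerFP is the already-verified
// signer of the request (assumption); "" means the request carried no signature.
func (p Policy) Allowed(ownerFP, signerFP string) bool {
	signer := strings.ToUpper(signerFP)
	ok := p.Any || (p.Owner && signer != "" && signer == strings.ToUpper(ownerFP))
	for _, id := range p.Trusted {
		ok = ok || (signer != "" && strings.HasSuffix(signer, id))
	}
	return ok
}

func main() {
	p, err := ParsePolicy("owner,0xdeadbee")
	fmt.Println(p.Allowed("AAAA1111", "CCCC3333"), err) // constructed fingerprints
}
```

Suffix matching mirrors the `0xdeadbee` example above; short key IDs can collide, so a deployment would want to require full fingerprints.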