Out of band public key authentication. .onion key server

http://4kq2fytp43qq7sxn.onion/

I'm hosting a public key server to allow you to retain vendor keys without them being on your keyring, and without relying on DNM.

It's a regular gpg keyserver so you can --send-key and --recv-key or --search-key using it.


Comments


[2 Points] fish_fried_whole:

If you like the idea, guys, please submit your key! Either on the website or via gpg --keyserver pgpserverl42vxsi.onion --send-keys "YOUR USERNAME HERE"


[1 Points] abrahamthinkn:

I like this idea.


[1 Points] fish_fried_whole:

Main .onion address is http://pgpserverl42vxsi.onion/

Example usage:

    amnesia@amnesia:~$ gpg --keyserver pgpserverl42vxsi.onion --search-keys symbiosis
    gpg: searching for "symbiosis" from hkp server pgpserverl42vxsi.onion
    (1) symbiosis symbiosis@symbiosis.com
          2048 bit RSA key 0xAD90A3E3, created: 2012-08-08
    Keys 1-1 of 1 for "symbiosis". Enter number(s), N)ext, or Q)uit > Q

If you press 1 you get:

    1
    gpg: requesting key 0xAD90A3E3 from hkp server pgpserverl42vxsi.onion
    gpg: key 0x42155086AD90A3E3: public key "symbiosis symbiosis@symbiosis.com" imported
    gpg: Total number processed: 1
    gpg: imported: 1 (RSA: 1)

Then you can compare this to the one on the DNM; if it differs, something suspicious is going on.

Most likely they made a new key, perhaps as part of normal precautions, but in this case they should revoke the old one after using it to sign a new one!
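
The comparison described in the comment above, as an added example that is not part of the original thread: it compares the full primary-key fingerprints of two exported key files (one fetched from the keyserver, one saved from the market profile) without importing either. It goes one step beyond the comment by refusing short key IDs like the 0xAD90A3E3 shown in the search output. Assumptions: a GnuPG version that provides `--show-keys`, and hypothetical file names passed as arguments.

```shell
#!/bin/sh
# Added example: compare two copies of a public key by full fingerprint.

# Read `gpg --with-colons` output on stdin and print the primary key's
# fingerprint: field 10 of the first "fpr" record after the first "pub" record.
primary_fpr() {
    awk -F: '$1 == "pub" { seen = 1; next }
             seen && $1 == "fpr" { print $10; exit }'
}

# Fingerprint of a key file. --show-keys only displays; nothing is imported.
file_fpr() {
    gpg --show-keys --with-colons --with-fingerprint -- "$1" 2>/dev/null | primary_fpr
}

# Strip whitespace and upper-case, so pasted "ABCD 1234 ..." forms compare equal.
normalize_fpr() {
    printf '%s' "$1" | tr -d '[:space:]' | tr 'a-f' 'A-F'
}

# Exit status: 0 = same key, 1 = different key, 2 = not a full fingerprint.
# Short IDs are rejected on purpose: 32-bit key IDs can collide.
compare_fprs() (
    a=$(normalize_fpr "$1")
    b=$(normalize_fpr "$2")
    for f in "$a" "$b"; do
        printf '%s' "$f" | grep -Eq '^([0-9A-F]{40}|[0-9A-F]{64})$' || exit 2
    done
    [ "$a" = "$b" ]
)

# Stand-alone use (hypothetical file names):
#   ./compare_keys.sh keyserver_copy.asc market_copy.asc
if [ "$#" -eq 2 ]; then
    compare_fprs "$(file_fpr "$1")" "$(file_fpr "$2")"
    case $? in
        0) echo "MATCH: both files carry the same primary key" ;;
        1) echo "MISMATCH: the two sources serve different keys" ;;
        *) echo "ERROR: could not read a full fingerprint from both files" ;;
    esac
fi
```

A mismatch is only explained by a legitimate key rotation if the new key carries a valid signature from the old one, as the comment says.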


[1 Points] exmachinalibertas:

This is a neat idea, but what is the advantage of using this versus just using a regular key server but connecting through Tor?


[1 Points] None:

Cool idea