[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1011388: ITP: sequoia-wot -- Authenticate OpenPGP certificates using the "Web of Trust"

Package: wnpp
Severity: wishlist
Owner: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
X-Debbugs-Cc: debian-devel@lists.debian.org, dkg@fifthhorseman.net

* Package name    : sequoia-wot
  Version         : 0.2.0
  Upstream Author : Neal H. Walfield <neal@pep.foundation>
* URL             : https://gitlab.com/sequoia-pgp/sequoia-wot
* License         : LGPL 2.0 or later
  Programming Lang: Rust
  Description     : Authenticate OpenPGP certificates using the "Web of Trust"

The "Web of Trust" describes a network of identity assertions
("OpenPGP certifications") and signing delegations ("OpenPGP trust
signatures"), which can be used to formally validate identity
information in a cryptographic certificate.

In particular, this tooling allows the user to associate OpenPGP User
IDs (or simply the e-mail address part of the User ID) with some set
of OpenPGP certificates on the basis of explicit certifications made
by trusted parties.

The validation rules and certificate formats used in the Web of Trust
support corroborative, multiparty certification, so there is no need
to assign full trust to any single party.

This tooling offers a means to explore the Web of Trust by a library
in Rust, and a command-line interface capable of working with either
certificates in the filesystem or interacting with GnuPG's certificate
store and trust database.
Reply to: