Distributed key management in Hockeypuck
Next generation OpenPGP Keyserver
Encryption key management is usually implemented using centralised trust roots, such as the X.509 Certificate Authorities, or authoritative keyservers, such as those operated by Signal and Meta. OpenPGP instead relies on a distributed network of independent keyservers, and the famous “web of trust”. GDPR compliance and spam prevention present particular challenges in such a distributed system. Hockeypuck is a modern synchronising OpenPGP keyserver application written in Go and AGPL licensed. This project will update Hockeypuck to provide robust and decentralised management tools for both users and operators, including keyholder self-sovereignty, distributed blocklists, enhanced abuse and error detection, and noninteractive email proofs.
- The project's own website: https://hockeypuck.io
This project was funded through the NGI0 Commons Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 101135429. Additional funding is made available by the Swiss State Secretariat for Education, Research and Innovation (SERI).
