Send in your ideas. Deadline December 1, 2024
logo
Resources
Source code :
https://gitlab.com/openpgp-ca/openpgp-ca
Talk
Matrix
Internet Relay Chat (IRC)
Stay up to date
RSS or Atom feed
Website
More info available :
https://openpgp-ca.org
Grant
Theme fund: NGI Assure
Period: 2021-08 — 2024-05
More projects like this
Software engineering
Middleware and identity
Decentralised solutions

Hardening OpenPGP CA deployments

HSM support for OpenPGP key infrastructure

OpenPGP CA is a tool for managing and certifying OpenPGP keys in organizations. Today, the private key material of OpenPGP CA instances is stored and used locally. This project will add support for two hardened modes of operation: 1) Using a hardware-token OpenPGP Card) based key for the CA, and 2) Split OpenPGP CA deployments, in which critical operations are performed on a highly protected machine (e.g. air-gapped), while regular operation can take place conveniently on an online CA instance.

In addition the project will build an OpenPGP CA based tool for version control signing workflows (e.g. git), with a focus on providing a smooth user experience for signing with OpenPGP card devices.

Logo NLnet: abstract logo of four people seen from above Logo NGI Assure: letterlogo shaped like a tag

This project was funded through the NGI Assure Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073.

Navigate projects

Currently open for proposals:

git merge icon
Job opening
NGI Zero is looking for a Regional Representative.
podcast logo, antenna with radio waves
Listen to our podcast
Converstations with people building the Next Generation Internet

Search