Send in your ideas. Deadline June 1, 2024
logo
Resources
Source code :
https://gitlab.com/openpgp-ca/openpgp-ca
Talk
Matrix
Internet Relay Chat (IRC)
Stay up to date
RSS or Atom feed
Website
More info available :
https://openpgp-ca.org
Grant
Theme fund: NGI Assure
Start: 2021-08
More projects like this
Software engineering
Middleware and identity
Decentralised solutions

Hardening OpenPGP CA deployments

HSM support for OpenPGP key infrastructure

OpenPGP CA is a tool for managing and certifying OpenPGP keys in organizations. Today, the private key material of OpenPGP CA instances is stored and used locally. This project will add support for two hardened modes of operation: 1) Using a hardware-token OpenPGP Card) based key for the CA, and 2) Split OpenPGP CA deployments, in which critical operations are performed on a highly protected machine (e.g. air-gapped), while regular operation can take place conveniently on an online CA instance.

In addition the project will build an OpenPGP CA based tool for version control signing workflows (e.g. git), with a focus on providing a smooth user experience for signing with OpenPGP card devices.

Logo NLnet: abstract logo of four people seen from above Logo NGI Assure: letterlogo shaped like a tag

This project was funded through the NGI Assure Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073.

Navigate projects

Currently open for proposals:

bluehats logo, three blue hats
Nominate FOSS projects
Nominate Free Software Projects for the four €10.000 BlueHats Prizes.

Search