In order for so-called signature profiles to work and be as easily discoverable as OpenPGP keys (related to https://community.keyoxide.org/d/17-shifting-to-signatures-as-primary-source-of-cryptographic-material/6), we need a novel signature distribution server.
Ideas and requirements for such a server:
- Anyone can upload a signed text document of arbitrary data (clearsigned, text+signature of signature only).
- Signatures from different protocols (OpenPGP, minisign, SSH, etc) are supported.
- Signatures are assigned a random UUID upon uploading.
- Signatures are automatically deleted after X months. Signed API requests can show a "sign of life" and delay the deletion of the signature.
- Signatures can supersede previous signatures (not sure about implications).
- Each cryptographic key can request a number of permanent UUIDs, which can be assigned to a signature (allowing them to accidentally perish but keep the old identifier).
- Existing signatures can be removed using API requests signed by the key that uploaded them.
- Uploaded signatures are limited in size.
- Store signatures in the database using their hashed identifier.
Open issues:
- Spam -> add a non-PII verification step to the upload process, IP throttling/bans?
- What happens if signature contains PII of third party with regards to GDPR? -> Have a "request removal of signature" process?