mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-22 07:32:05 +01:00
edit header for minimization examples and edit first example of Hagrid
This commit is contained in:
parent
0d87ddefba
commit
1f8952971e
1 changed files with 4 additions and 4 deletions
|
@ -146,13 +146,13 @@ Additionally, specific elements of a certificate can be selectively omitted duri
|
||||||
|
|
||||||
Through these targeted techniques, certificate minimization serves to enhance the practical usability of certificates in various environments and protect against potential security threats and privacy concerns. It strikes a careful balance, maintaining the OpenPGP trust framework while optimizing certificates for efficiency and specific operational contexts.
|
Through these targeted techniques, certificate minimization serves to enhance the practical usability of certificates in various environments and protect against potential security threats and privacy concerns. It strikes a careful balance, maintaining the OpenPGP trust framework while optimizing certificates for efficiency and specific operational contexts.
|
||||||
|
|
||||||
### Minimization in applications
|
### Application-specific approaches: Hagrid and GnuPG
|
||||||
|
|
||||||
#### Hagrid, which runs keys.openpgp.org
|
#### Hagrid
|
||||||
|
|
||||||
The [hagrid keyserver software](https://gitlab.com/keys.openpgp.org/hagrid) doesn't publish the identity components in certificates by default. This is a central aspect of the [privacy policy](https://keys.openpgp.org/about/privacy) of the service. Certificates can be uploaded to the service by third parties, which is useful. However, identifying information is only distributed by the service on an explicit opt-in basis.
|
[Hagrid keyserver software](https://gitlab.com/keys.openpgp.org/hagrid), operating keys.openpgp.org, adopts a privacy-centric model by not automatically publishing identity components of certificates. According to its [privacy policy](https://keys.openpgp.org/about/privacy), the service allows certificates to be uploaded by anyone, but identifying information is shared only with the certificate owner's explicit opt-in. This measure significantly contributes to user privacy and aids in minimizing certificates by default.
|
||||||
|
|
||||||
Separately, third-party certifications are currently filtered out by the service, to avoid flooding attacks.
|
Additionally, to mitigate the risk of certificate flooding, Hagrid currently filters out third-party certifications, further aligning with certificate minimization principles.
|
||||||
|
|
||||||
#### GnuPG
|
#### GnuPG
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue