Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/heapwolf/pks

Public Key Server; an invite-only-approach with built in master-master replication.
https://github.com/heapwolf/pks

Last synced: 25 days ago
JSON representation

Public Key Server; an invite-only-approach with built in master-master replication.

Host: GitHub
URL: https://github.com/heapwolf/pks
Owner: heapwolf
Created: 2013-08-03T16:28:49.000Z (over 11 years ago)
Default Branch: master
Last Pushed: 2013-09-04T19:18:15.000Z (about 11 years ago)
Last Synced: 2024-10-18T16:46:06.015Z (26 days ago)
Language: JavaScript
Homepage:
Size: 148 KB
Stars: 6
Watchers: 4
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # SYNOPSIS

An invite-only-model public key server.

# USAGE

```bash

npm install pkp -g

pkp init

npm install pks -g

pks

```

# SERVER SPECIFICATION

Keys are stored in certificates. A certificate has some meta data that describes

a key.

A server should

  - Without auth

    - Responsd with a certificate when queried with a public key

  - With auth

    - Store a certificate

  - Replicate in a Master/Master Scenario according to any known servers in its database

  - Provide a list of up to 5 of the most recently successful servers that it has replicated to

  - Run on port 11372 (the next port after a well known port for the openPGP key server)

# CERTIFICATE DEFINITION

```json

{

  "address-at": "[email protected]",

  "servers-at": ["async.ly", "ghub.io"],

  "public": "...",

  "algorithm": "rsa"

}

```

# INVITATION TEMPLATE

```text

  Hello,

  I am running an experimental, invite-only-model Public Key

  Server. I'd like to invite you to store your public key and

  email address on it so that they can be made available for

  public inquiry.

  Why

  As your software becomes widely distributed and highly used,

  people will want to determine if they can "trust" it.

  With a tool like Public Key Pen, you can create certificates

  for your software. A certificate is a cryptographic signature

  of the data, your public key and your name. A certificate can

  be distributed with your software.

  When someone wants to verify a certificate, they can search

  through a non-centralized network of Public Key Servers to

  establish "trust" from consensus.

  How

  Servers are "invite only". This means that the data found on

  it was added by its owner or other servers that were invited

  to participate in data replication. This reduces the number 

  of possible "bad" certificates in circulation.

  Links

  Public Key Pen (https://github.com/hij1nx/pkp)

  Public Key Server (https://github.com/hij1nx/pks)

```