Proposal:Pseudonymous PGP
Every proposal should be tied to one of the strategic priorities below.
Edit this page to help identify the priorities related to this proposal!
- Achieve continued growth in readership
- Focus on quality content
- Increase Participation
- Stabilize and improve the infrastructure
- Encourage Innovation
Summary
Facilitate authenticated/secure communications using Pretty Good Privacy without surrendering users' privacy.
Proposal
- Set up a keyserver which will be used primarily for a pseudonymous Wikimedian web of trust.
Motivation
- Users may wish to have authenticated or secure communications (primarily email).
- The standard method to do this is PGP. PGP requires the surrender of one's privacy.
- For our purposes, it is not necessary to know the real identity of the sender, only the association between that person, and whoever logs into the on-wiki account (and potentially secondary/tertiary services like a toolserver shell account, TUSC account, or mailman login).
Key Questions
- Can/Should/How would this integrate with the larger PGP web of trust?
- Can/Should users who are identified to the Foundation for roles involving access to private information have their keys signed by non-pseudonymous Foundation staff to provide a more credible link which might be accepted in the larger PGP web of trust?
Potential Costs
- Tech costs for setting up and maintaining a keyserver.
- Educational campaign for Wikimedians and outsiders using PGP.
References
Community Discussion
Do you have a thought about this proposal? A suggestion? Discuss this proposal by going to Proposal talk:Pseudonymous PGP.
Want to work on this proposal?
- .. Sign your name here!