@prologic@twtxt.net this is a go version of Keyoxide.org that runs all server side. which is based on work from https://metacode.biz/openpgp/
OpenPGP has a part of the self signature reserved for notatinal data. which is basically a bunch of key/values.
this site tries to emulate the identity proofs of keybase but in a more decentralized/federation way.
my next steps are to have this project host WKD keys which is kinda like a self hosting of your pgp key that are also discoverable with http requests.
then to add a new notation for following other keys. where you can do a kind of web of trust.
@prologic@twtxt.net it is some interesting work to decentralize all the things.. tricky part is finding tooling. i am using a self hacked version of the go openpgp library. A tool to add and remove notations would need to be local since it needs your private key.
@xuu@txt.sour.is @prologic@twtxt.net The gpg command line leaves much to be desired…
@xuu@txt.sour.is @prologic@twtxt.net something that would be interesting would be libravatar for the user image. i made one that does the same for a profile cover image.
@prologic@twtxt.net huh.. true.. the email is md5/sha256 before storing.. if twtxt acted as provider you would store that hash and point the SRV record to the pod. .. to act as a client it would need to store the hash and the server that hosts the image.
That way at least we can form some kind of cryptographic “identity” without having to involve the users that much, it just works™
i like some of the work that keys.pub is doing with ed25519 crypto keys with something like that.
@prologic@twtxt.net do you think twt will ever add ActivityPub integration?