Proposal:Pseudonymous PGP

From Strategic Planning
Status (see valid statuses)

The status of this proposal is:
Request for Discussion / Sign-Ups

Every proposal should be tied to one of the strategic priorities below.

Edit this page to help identify the priorities related to this proposal!


  1. Achieve continued growth in readership
  2. Focus on quality content
  3. Increase Participation
  4. Stabilize and improve the infrastructure
  5. Encourage Innovation


Summary

Facilitate authenticated/secure communications using Pretty Good Privacy without surrendering users' privacy.

Proposal

  • Set up a keyserver which will be used primarily for a pseudonymous Wikimedian web of trust.

Motivation

  • Users may wish to have authenticated or secure communications (primarily email).
  • The standard method to do this is PGP. PGP requires the surrender of one's privacy.
  • For our purposes, it is not necessary to know the real identity of the sender, only the association between that person, and whoever logs into the on-wiki account (and potentially secondary/tertiary services like a toolserver shell account, TUSC account, or mailman login).

Key Questions

  • Can/Should/How would this integrate with the larger PGP web of trust?
  • Can/Should users who are identified to the Foundation for roles involving access to private information have their keys signed by non-pseudonymous Foundation staff to provide a more credible link which might be accepted in the larger PGP web of trust?

Potential Costs

  • Tech costs for setting up and maintaining a keyserver.
  • Educational campaign for Wikimedians and outsiders using PGP.

References

Community Discussion

Do you have a thought about this proposal? A suggestion? Discuss this proposal by going to Proposal talk:Pseudonymous PGP.

Want to work on this proposal?

  1. .. Sign your name here!