Hacker News new | past | comments | ask | show | jobs | submit login

This does not answer my question: You can still use the OpenPGP Signature scheme to implement this, and pick or invent a signature type to avoid the mix-up with existing signatures. You can still enforce "A centralized database", which in fact they already do with the Debian keyring. Such "endorsements" is exactly what OpenPGP signatures, and key upload protocols, are made for.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact