Key directory with IPFS?

This is my first post in this forum, so hello everybody. :slight_smile:

I was wondering what would be the best way to implement a public key directory using IPFS. A key directory is a service that lets you, among other things, get a whole public key from its fingerprint. Interestingly, this is also exactly what IPFS does: get content from its hash (only the hash is calculated differently), so I figure there would be a number of interesting things to do around that.

A key directory could have additional functions, such as looking up a key through other properties: parts of the fingerprint (for example GPG often uses the last part), maybe a name…

I’m still an IPFS newbie (but I’m working on it!), so I’m not sure what the best approach would be: maybe using IPNS, links, IPLD… or something completely different even.

Thoughts?

A key directory, where many people store their public keys, must be mutable, so IPNS is the only solution.

Example with my public keys: https://ipfs.io/ipns/QmUeTMMQbV89eNHr5p9pv9PeWvrRz9NSDgwXYkrMJL4yGR

You can then easily search for a key, e.g. with

ipfs ls /ipns/QmUeTMMQbV89eNHr5p9pv9PeWvrRz9NSDgwXYkrMJL4yGR/gpg | grep 7647AA53
QmZmGp8WbJqN8BtJfFpTVebhmL6ZWQ3kKGNkHH1iqAtVu5 3151 7AEA6B690480F5481CED13FF5A793BE17647AA53-joss.brown@gmx.net.asc

Needless to say, you can also grep for the email address, the full fingerprint, etc., and then you can cat the file:

ipfs cat QmZmGp8WbJqN8BtJfFpTVebhmL6ZWQ3kKGNkHH1iqAtVu5
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: LCARSgpg
-----END PGP PUBLIC KEY BLOCK-----

If you distribute the IPNS key that’s used to publish to this online directory, then other users could add their keys to the respective subfolders (smime or gpg) and publish to the same IPNS address. However, I believe that if they have the IPNS publishing key, then they can also delete other people’s keys from the IPNS directory.

So the best thing is probably for people to add their public keys to the IPFS (to their node), and add the IPFS hashes of those keys with added information to a key server + website that’s also distributed and on the IPFS.

And while we’re at it: almost nobody cares about S/MIME when talking about public keys, only about GPG, but that’s way simpler for most people than GPG, so if someone wants to develop a public key server/site solution, please don’t forget S/MIME. :slight_smile:

You can add a trust functionality as well, i.e. verifying/trusting a certain certificate publicly, but then you would probably need to incorporate Ethereum.
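Added example, not code from either poster: the grep lookup above matches on the file name, and IPFS only guarantees that the bytes match their hash, not that a file named after a fingerprint contains that key. This Python sketch recomputes the OpenPGP v4 fingerprint from the key packet and accepts a directory entry only if its name agrees; `lookup`, `toy_key`, the example.org/example.net names and the toy moduli are constructed for illustration.

```python
import base64, hashlib, struct

def dearmor(armored: str) -> bytes:
    """Binary OpenPGP data from an ASCII-armored block (CRC-24 line ignored)."""
    body = [l.strip() for l in armored.strip().splitlines()[1:-1]]
    body = body[body.index("") + 1:] if "" in body else body   # skip armor headers
    return base64.b64decode("".join(l for l in body if not l.startswith("=")))

def v4_fingerprint(data: bytes) -> str:
    """Fingerprint of the leading v4 public-key packet (RFC 4880, section 12.2)."""
    tag = data[0]
    if tag & 0x40:                                  # new-format packet header
        ptag, first = tag & 0x3F, data[1]
        if first < 192:
            length, off = first, 2
        elif first < 224:
            length, off = ((first - 192) << 8) + data[2] + 192, 3
        else:
            raise ValueError("five-octet and partial lengths not handled here")
    else:                                           # old-format packet header
        ptag, ltype = (tag >> 2) & 0x0F, tag & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not handled here")
        length, off = int.from_bytes(data[1:1 + (1 << ltype)], "big"), 1 + (1 << ltype)
    body = data[off:off + length]
    if tag < 0x80 or ptag != 6 or len(body) != length or body[:1] != b"\x04":
        raise ValueError("first packet is not a complete v4 public key")
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def lookup(directory: dict, query: str):
    """Split entries whose named fingerprint ends with `query` into (verified, rejected)."""
    verified, rejected = [], []
    for name, armored in directory.items():
        claimed = name.split("-", 1)[0].upper()     # "<fingerprint>-<email>.asc"
        if claimed.endswith(query.upper()):
            ok = v4_fingerprint(dearmor(armored)) == claimed
            (verified if ok else rejected).append(name)
    return verified, rejected

def toy_key(n: int) -> str:
    """Constructed sample: armored v4 RSA packet with toy modulus n (not a usable key)."""
    mpi = lambda x: struct.pack(">H", x.bit_length()) + x.to_bytes((x.bit_length() + 7) // 8, "big")
    body = b"\x04" + bytes(4) + b"\x01" + mpi(n) + mpi(65537)
    b64 = base64.b64encode(b"\x99" + struct.pack(">H", len(body)) + body).decode()
    return f"-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n{b64}\n-----END PGP PUBLIC KEY BLOCK-----"

# Constructed directory: the second file name claims alice's fingerprint but holds another key.
alice, mallory = toy_key(2**127 - 1), toy_key(2**89 - 1)
fpr = v4_fingerprint(dearmor(alice))
directory = {f"{fpr}-alice@example.org.asc": alice, f"{fpr}-alice@example.net.asc": mallory}
print(lookup(directory, fpr[-8:]))
```

Both entries match the eight-character short ID in their file names, but only the one whose key material hashes to the named fingerprint lands in the verified list.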