pgp-key-management/todo.md

25 lines
759 B
Markdown
Raw Normal View History

2024-08-05 19:23:29 -07:00
# TODO
There's lots of things to add.
- TLS
- Autorenew this with an ACME server (eg, Boulder; use the Lego library)
- self-host the Boulder server & add the main CA pubkey to the client
- Work with self-signed stuff for now tho
- Authentication
- Give each client an API key
- Limit decryption keys that client can access?
- Admin UI on the server
- Manage client accounts
- Import public keys
- Add/Remove keys
- Private Key autorotation
- PGP Public Key Server
- a la keys.openpgp.org
- two servers? one public (company pub keys), one internal (customer pub
keys)
- Encryption groups
- Add a number of public keys to a group. When the client encrypts to a
group, use all the keys.
- Auto-remove expired keys from groups