Ludo, would you please consider moving to the GNU Name System?  GNS is
based on SDSI/SPKI (delegation certificates!), and has many other
advantages (not to mention uses Curve25519 instead of RSA).  GNUnet's
identity management is based on Curve25519 ECDSA signatures, and we are
using libgcrypt for those.

My 2 cents

-Christian

On 03/12/2014 09:56 PM, Ludovic Courtès wrote:
> Again, SPKI:
> 
>   http://lists.gnu.org/archive/html/guix-devel/2013-12/msg00135.html
>   http://theworld.com/~cme/spki.txt
>   http://lists.gnu.org/archive/html/guix-devel/2013-12/msg00141.html
> 
> SPKI is very flexible, and would allow users to publish “delegation
> certificates”.  For instance, I could sign a certificate that says “I
> trust packages signed with this key.”  That’s a very useful feature.
> 
> (It’s of course similar to OpenPGP’s web of trust, except that OpenPGP
> is engineered to handle specifically email/key bindings.)
>