= OpenPGPEmailSummit: EmailValidation

Workshop at [[OpenPGPEmailSummit201512|2nd OpenPGP Email Summit, Dec 2015]] run by Nicolai Josuttis

With this approach we want to establish a quick backward compatible solution to validate email addresses of UIDs of OpenPGP keys.

The key approach is:

* Define a standard signature format to signal successfull email validation
** The standard format would be:
*** expires after 1 year
*** having a "signature notation" defining when/how/what was validated as JSON value
** The standard format allows email clients to process them accordingly
*** E.g.: List who validated the email address or prefer validated email addresses over those not validated.
** But even existing email clients can benefit from them
** According to the WebOfTrust a user can grant trust (and therefore priority) to emails with specific signatures

* Establish some initial validation servers to perform that validations on request

Key properties of the approach are:
* No change of existing key server infrastructure or protocol
* Existing email clients can use it

Initial Proposal: https://lists.gnupg.org/pipermail/gnupg-users/2015-July/053971.html

Slides: [[attachment:EmailValidation20151207.pdf]]

Whiteboard 2nd OpenPGP Summit: [[attachment:Whiteboard_EmailValidation.png]]