Description
It would be nice if the process for adding log and witness pubkeys to the lists prevented addition of accidentally broken keys (i.e., this is more about catching mistakes rather than preventing attacks). In particular for the log list, it's nice if we avoid having witnesses pull a broken log key for which no valid signature will ever be seen.
One way could be to require a submission of an entry to include an example of a valid signature by that key, e.g., as part of a cosigned checkpoint. If the process requires that kind of validation, that ensures that there exists a private key corresponding to the public key to add, and that the key owner has used it at least once for the appropriate purpose (log signature or witness cosignature). One could also consider committing corresponding example signatures to the repo, and have the CI run the signature check for all entries on all published lists.
Requiring a valid signature before distributing a key is somewhat analogous to an X.509 certificate signing request requiring a valid self-signature by the key to be certified.
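One way the CI check proposed in this issue could look, as an added example that is not part of the issue or the project's code. It covers only the log-signature case and assumes (the issue names no format) that a list entry is an Ed25519 verifier key and that the example signature is submitted as a signed-note checkpoint in the `golang.org/x/mod/sumdb/note` encoding; `CheckEntry` is a hypothetical name.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// CheckEntry returns nil only if proof (a signed note such as a checkpoint) has a
// valid Ed25519 signature by vkey, "<name>+<hex id>+<base64(0x01 || key)>".
// Assumed encoding: golang.org/x/mod/sumdb/note; the issue names no format.
func CheckEntry(vkey, proof string) error {
	p := strings.SplitN(vkey, "+", 3)
	i := strings.LastIndex(proof, "\n\n") // blank line ends the signed text
	if len(p) != 3 || i < 0 {
		return errors.New("malformed vkey or note")
	}
	key, err := base64.StdEncoding.DecodeString(p[2])
	if err != nil || len(key) != 1+ed25519.PublicKeySize || key[0] != 0x01 {
		return errors.New("not an Ed25519 note key")
	}
	// Key id: first 4 bytes of SHA-256(name || "\n" || 0x01 || public key).
	sum := sha256.Sum256(append([]byte(p[0]+"\n"), key...))
	id := sum[:4]
	if fmt.Sprintf("%x", id) != p[1] {
		return errors.New("key id does not match name and key")
	}
	for _, line := range strings.Split(proof[i+2:], "\n") {
		f := strings.Fields(line) // "\u2014", name, base64(id || signature)
		if len(f) != 3 || f[0] != "\u2014" || f[1] != p[0] {
			continue
		}
		raw, err := base64.StdEncoding.DecodeString(f[2])
		if err == nil && len(raw) == 4+ed25519.SignatureSize && bytes.Equal(raw[:4], id) &&
			ed25519.Verify(key[1:], []byte(proof[:i+1]), raw[4:]) {
			return nil
		}
	}
	return errors.New("no valid signature by this key")
}

func main() { // constructed broken entry: zeroed key bytes are rejected
	fmt.Println(CheckEntry("example.org/log+00000000+"+strings.Repeat("A", 44), "example.org/log\n0\n\n"))
}
```

Run over every entry of a published list together with its committed example checkpoint, a non-nil result would fail the build before witnesses pull the key.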