Comment by aborsy
3 hours ago
What’s the current best solution for associating a public key to an identity or person?
This is not related to cryptography protocols.
OpenPGP key server verifies email. Keybase was a good idea but seems dead. Maybe identity providers?
> Maybe identity providers?
That's essentially all Sigstore is: it uses an identity provider to bind an identity (like an email) to a short-lived signing key.