Quote from: Guru on July 27, 2012, 10:23 amI would suggest the following: two-level access. Initial access would not require a PGP key to be submitted. However in order to increase one's level of access, one should be required to submit a proper PGP key, and correctly respond to an automated challenge. In other words, once a prospective user submits a PGP key, the system generates a randomly-generated challenge string, and encrypts it with the users' PGP public key. The user is presented with the encrypted challenge. In order for the system to raise their level of access, the user must decrypt the challenge, and submit the challenge string to the system. If the string matches, then the user has demonstrated that they have at least mastered the rudiments of PGP. What do other people think of this idea? I think this is an excellent suggestion and I'd definitely support it!Of course you're preaching to the choir with me. ;)