(from a mailing list discussion)
People and their keys should be linked, and we should have a UI for managing that.
The WebBox project
For initial reference, the WebBox project inverts the standard development approach: instead of focusing on applications, it focuses on standardized data formats so that everything saves to, requests data from, and is controlled by a single data store. Then it doesn't matter what applications you're running; they all understand and interact with the same data.
Andrei Sambra worked on an open source implementation in collaboration with some of the WebBox people.
OpenLink Data Spaces
A bit more heavyweight and enterprise-oriented. Parts of the OpenLink engine are already in Nepomuk, and there's a good possibility that a WebBox-like solution will end up in KDE (both desktop and web).
Knowing somebody else's key and using that on the backend to keep track of other folks' identities is a very different thing than managing your own key on any particular device.
Keys and users have a many-to-many relationship. It makes for a fairly messy address book.
When we do tackle key management, the key could exist on the remote box alone, and the user could log into the box, unlocking the key there. If we don't tie identity to a specific type of key, we could sometimes use OTP or OTR keys instead of GPG keys, to help mitigate key storage problems.