Quick update:
Only a few days are left until the last and final Evaluation Phase.
I spent the week opening my pull request against Smacks master branch and adding a basic trust management implementation. Now the user is required to make decisions whether to trust a contacts key or not. However, the storage implementation is kept very modular, so an implementor can easily create a trust store implementation that realizes custom behaviour.
Smack-openpgp now allows users which did not subscribe to one another to exchange encryption keys quite easily. If a user receives an encrypted message, the implementation automatically fetches the senders keys to allow signature verification.
Furthermore there are more JUnit tests now, so that Smacks total test coverage actually increases when my PR gets merged 😀
Happy Hacking!