dc10 - 0.5

DebConf10

Speakers
Daniel Kahn Gillmor
Greg Lyle
Schedule
Day DebConf Day 7 (2010-08-07)
Room Interschool Lab
Start time 10:30
Duration 01:00
Info
ID 572
Event type workshop
Track
Language en
Feedback

Monkeysphere

Fixing Authentication on the (Debian) 'Net with OpenPGP

Monkeysphere is a project to extend the OpenPGP Web of Trust into as many domains as possible, effectively supplanting hierarchical certification infrastructure like X.509, and restoring control over authentication and identification to the communications peers themselves and their own legitimately trusted introducers.

We will discuss how Debian can take advantage of Monkeysphere and related ideas, and how packagers can make sure their packages can make use of it.

Debian relies on the OpenPGP Web of Trust as a decentralized mechanism for public key distribution for many critical tasks, including developer identification, NM and DM advocacy, GR proposals and seconds, voting, and package uploads. Despite this well-established distributed key management infrastructure, the Debian project uses centrally-managed (or un-managed) keys in other situations, including the web and ssh, where OpenPGP has not traditionally been available.

Monkeysphere is a project to extend the OpenPGP Web of Trust into as many domains as possible, effectively supplanting hierarchical certification infrastructure like X.509, and restoring control over authentication and identification to the communications peers themselves and their own legitimately trusted introducers. We have functional tools for authenticating peers over the World Wide Web and SSH, with plans for more protocols.

This workshop will cover how the Monkeysphere could enable the use of OpenPGP in other parts of Debian infrastructure, and how Debian developers can ensure that their packages are capable of taking advantage of the Web of Trust we all rely on.

Recordings