-On mangabey's side, since Bob's key has "full" validity (since it had
-also been signed by Alice, mangabey's trusted administrator), Bob is
-authenticated and authorized to log into bob@mangabey.
-
-NOTES
-=====
-
-* Daniel and Elliot lie. <check>
-* We will use a distributed VCS, each developer will create their own
- git repository and publish it publicly for others to pull from, mail
- out
-* public project page doesn't perhaps make sense yet
-* approximate goal - using the web of trust to authenticate ppl for
- SSH
-* outline of various components of monkeysphere
-* M: what does it mean to be in the monkeysphere? not necessarily a
- great coder.
-* J: interested in seeing project happen, not in actually doing it.
- anybody can contribute as much as they want.
-* J: if we put the structure in place to work on monkeysphere then we
- don't have to do anything
-* D: we are not creating
-* understand gpg's keyring better, understanding tools better,
- building scripts
-* Some debian packages allow automated configuration of config files.
-
-* GENERAL GOAL - use openpgp web-of-trust to authenticate ppl for SSH
-* SPECIFIC GOAL - allow openssh to tie into pgp web-of-trust without
- modifying either openpgp and openssh
-* DESIGN GOALS - authentication, use the existing generic OpenSSH
- client, the admin can make it default, although end-user should be
- decide to use monkeysphere or not
-* DESIGN GOAL - use of monkeysphere should not radically change
- connecting-to-server experience
-* GOAL - pick a monkey-related name for each component
-
-Host identity piece of monkeysphere could be used without buying into
-the authorization component.
-
-Monkeysphere is authentication layer that allows the sysadmin to
-perform authorization on user identities instead of on keys, it
-additionally allows the sysadmin also to authenticate the server to
-the end-user.