[[meta title="Why should you be interested in the MonkeySphere?"]]
-# Why should you be interested in the MonkeySphere? #
+[[toc ]]
## As an `ssh` user ##
Do you actually tediously check the fingerprint against a
cryptographically-signed message from the admin, or do you just cross
-your fingers and type "yes"? Do you wish there was a better way to do
-it? Shouldn't our tools be able to figure this out automatically?
+your fingers and type "yes"? Do you wish there was a better way to
+verify that the host your connecting to actually is the host you mean
+to connect to? Shouldn't our tools be able to figure this out
+automatically?
Do you use `ssh`'s public key authentication for convenience and/or
added security? Have you ever worried about what might happen if you
-lose control of your key? (Or did you have a key that was compromised
+lost control of your key? (Or did you have a key that was compromised
by [the OpenSSL debacle](http://bugs.debian.org/363516)?) How many
accounts/machines would you need to clean up to ensure that your old,
-bad key is no longer in use?
+bad key is no longer in use?
Have you ever wished you could phase out an old key and start using a
new one without having to comb through every single account you have
ever connected to?
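Review bot: typo in the added line `+verify that the host your connecting to actually is the host you mean` (second line of the rewritten first paragraph): "your connecting" should be "you're connecting". In the same region, `-bad key is no longer in use?` / `+bad key is no longer in use?` is a whitespace-only change (the visible text is identical); dropping it keeps the page history readable.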
-## As an `sshd` administrator ##
+[Get started with the monkeysphere as a user!](/getting-started-user)
-If you are a system administrator, have you ever tried to re-key an
-SSH server? How did you ease the change along to your users? How did
-you keep them from getting the big scary warning messages?
+## As a system administrator ##
-Have you ever wanted to allow a colleague key-based access to a
+As a system administrator, have you ever tried to re-key an SSH
+server? How did you communicate the key change to your users? How
+did you keep them from getting the big scary warning message that the
+host key had changed?
+
+Have you ever wanted to allow a remote colleague key-based access to a
machine, *without* needing to have a copy of their public key on hand?
-Have you ever wanted to be able to revoke the ability of a key to
-authenticate across the entire infrastructure you manage, without
-touching each host by hand?
+Have you ever wanted to be able to add or revoke the ability of a
+user's key to authenticate across an entire infrastructure you manage,
+without touching each host by hand?
+
+[Get started with the monkeysphere as an administrator!](/getting-started-admin)
## What's the connection? ##
-These questions all stem from rough edges we run up against in regular
-use of SSH that could be improved by a decent [Public Key
+All of these issues are related to a lack of a [Public Key
Infrastructure (or
-PKI)](http://dictionary.die.net/public%20key%20infrastructure). A PKI
-at its core is a mechanism to provide answers to a few basic
-questions:
+PKI)](http://dictionary.die.net/public%20key%20infrastructure) for
+SSH. A PKI at its core is a mechanism to provide answers to a few
+basic questions:
-* Do we know who a key actually belongs to? How do we know?
+* Do we know who (or what host) a key actually belongs to? How do we know?
* Is the key still valid for use?
Given a clearly stated set of initial assumptions, functional
people meet in person for the first time).
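Review bot: the two new calls to action, `+[Get started with the monkeysphere as a user!](/getting-started-user)` and `+[Get started with the monkeysphere as an administrator!](/getting-started-admin)`, link to pages that must exist for the wiki to render them without broken-link markers; confirm both targets are committed with this edit. Style: with the heading renamed to "As a system administrator", the paragraph opening `+As a system administrator, have you ever tried to re-key an SSH` repeats the heading; the removed wording "If you are a system administrator, have you ever tried..." or simply "Have you ever tried to re-key an SSH server?" reads better. Minor grammar in `+All of these issues are related to a lack of a [Public Key`: "the lack of a" is tighter and matches the point being made (SSH's default host-key check has no PKI behind it at all).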
The good news is that this is all possible, and available with free
-tools!
+tools: welcome to the MonkeySphere!
## Examples ##
Alice can set up the new `bob` account on `foo.example.org` without
needing to give Bob a new passphrase to remember, and without needing
to even know Bob's current SSH key. She simply tells `foo` that `Bob
-<bob@example.net>` should have access to the `bob` account.
+<bob@example.net>` should have access to the `bob` account. The
+MonkeySphere on `foo` then verifies Bob's identity through the OpenPGP
+Web of Trust and automatically add's Bob's SSH key to the
+authorized_keys file for the `bob` account.
Bob's first connection to his new `bob` account on `foo.example.org`
-is seamless, because all the steps are already in place! Using the
+is seamless, because the MonkeySphere on Bob's computer automatically
+verifies the host key for `foo.example.org` for Bob. Using the
MonkeySphere, Bob never has to "accept" an unintelligible host key or
type a password.
than the current infrastructure allows, and is more meaningful to
actual humans using these tools than some message like "Certified by
GloboTrust".
+
+## Philosophy ##
+
+Humans (and
+[monkeys](http://www.scottmccloud.com/comics/mi/mi-17/mi-17.html))
+have the innate capacity to keep track of the identities of only a
+finite number of people. After our social sphere exceeds several dozen
+or several hundred (depending on the individual), our ability to
+remember and distinguish people begins to break down. In other words,
+at a certain point, we can't know for sure that the person we ran into
+in the produce aisle really is the same person who we met at the party
+last week.
+
+For most of us, this limitation has not posed much of a problem in our
+daily, off-line lives. With the Internet, however, we have an ability
+to interact with vastly larger numbers of people than we had
+before. In addition, on the Internet we lose many of our tricks for
+remembering and identifying people (physical characteristics, sound of
+the voice, etc.).
+
+Fortunately, with online communications we have easy access to tools
+that can help us navigate these problems.
+[OpenPGP](http://en.wikipedia.org/wiki/Openpgp) (a cryptographic
+protocol commonly used for sending signed and encrypted email
+messages) is one such tool. In its simplest form, it allows us to
+sign our communication in such a way that the recipient can verify the
+sender.
+
+OpenPGP goes beyond this simple use to implement a feature known as
+the [web of trust](http://en.wikipedia.org/wiki/Web_of_trust). The web
+of trust allows people who have never met in person to communicate
+with a reasonable degree of certainty that they are who they say they
+are. It works like this: Person A trusts Person B. Person B verifies
+Person C's identity. Then, Person A can verify Person C's identity
+because of their trust of Person B.
+
+The Monkeyshpere's broader goals are to extend the use of OpenPGP from
+email communications to other activities, such as:
+
+ * conclusively identifying the remote server in a remote login session
+ * granting access to servers to people we've never directly met
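Review bot: typo in `+The Monkeyshpere's broader goals are to extend the use of OpenPGP from`: "Monkeyshpere's" should be "MonkeySphere's". Capitalization of the project name is inconsistent across the page ("MonkeySphere" in the title and the "welcome" line, "monkeysphere" in the two new links); pick one form. In the web-of-trust description, `+are. It works like this: Person A trusts Person B. Person B verifies` elides the distinction OpenPGP actually makes: A must trust B as an introducer (trust in B's certifications), not merely know B's identity; saying "Person A trusts Person B to verify other people's identities" would prevent readers from conflating key validity with trust. Formatting: the final list items are indented with a leading space (` * conclusively identifying...`) while the earlier list on the page uses `* ` at column zero; use the same style for both.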