-[[meta title="Why should you be interested in the MonkeySphere?"]]
+[[meta title="Why should you be interested in the Monkeysphere?"]]
-[[toc ]]
+# Why should you be interested in the Monkeysphere? #
+
+[[!toc levels=2]]
## As an `ssh` user ##
Do you actually tediously check the fingerprint against a
cryptographically-signed message from the admin, or do you just cross
your fingers and type "yes"? Do you wish there was a better way to
-verify that the host your connecting to actually is the host you mean
-to connect to? Shouldn't our tools be able to figure this out
+verify that the host you are connecting to actually is the host you
+mean to connect to? Shouldn't our tools be able to figure this out
automatically?
Do you use `ssh`'s public key authentication for convenience and/or
people meet in person for the first time).
The good news is that this is all possible, and available with free
-tools: welcome to the MonkeySphere!
+tools: welcome to the Monkeysphere!
## Examples ##
needing to give Bob a new passphrase to remember, and without needing
to even know Bob's current SSH key. She simply tells `foo` that `Bob
<bob@example.net>` should have access to the `bob` account. The
-MonkeySphere on `foo` then verifies Bob's identity through the OpenPGP
+Monkeysphere on `foo` then verifies Bob's identity through the OpenPGP
Web of Trust and automatically add's Bob's SSH key to the
authorized_keys file for the `bob` account.
Bob's first connection to his new `bob` account on `foo.example.org`
-is seamless, because the MonkeySphere on Bob's computer automatically
+is seamless, because the Monkeysphere on Bob's computer automatically
verifies the host key for `foo.example.org` for Bob. Using the
-MonkeySphere, Bob never has to "accept" an unintelligible host key or
+Monkeysphere, Bob never has to "accept" an unintelligible host key or
type a password.
When Bob decides to change the key he uses for SSH authentication, he
choice of the user:
* individual per-host certifications by each client (much like the
- stock OpenSSH behavior),
+ stock OpenSSH behavior), or
* strict centralized Certificate Authorities (much like proposed X.509
- models), and
+ models), or
* a more human-centric model that recognizes individual differences in
ranges of trust and acceptance.