X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=website%2Findex.mdwn;h=606456955f29f32ba443d4169bdca79a75e63bb7;hb=d78a6e30ed3bc408e6a43077b4024597dfb810bd;hp=5cdf4d9a2364c586e6996e3ef573b8b2d700634a;hpb=4a0f106f79e46edd6a0c18ec68e7f0cb9f05550f;p=monkeysphere.git diff --git a/website/index.mdwn b/website/index.mdwn index 5cdf4d9..6064569 100644 --- a/website/index.mdwn +++ b/website/index.mdwn @@ -1,62 +1,119 @@ -The Monkeysphere project's goal is to extend the web of trust model and other -features of OpenPGP to other areas of the Internet to help us securely identify -each other while we work online. - -[[bugs]] | [[download]] | [[news]] - -##Conceptual overview## - -Humans (and monkeys) have innate capacity to keep track of the identity of a -finite number of people. After our social sphere exceeds several dozen or -several hundred (depending on the individual), our ability to remember and -distinguish people begins to break down. In other words, at a certain point, we -can't know for sure that the person we ran into in the produce aisle really is -the same person who we met at the party last week. - -For most of us, this limitation has not posed much of a problem in our daily, -off-line lives. With the Internet, however, we have an ability to interact -with vastly larger numbers of people than we had before. In addition, on the -Internet we lose many of our tricks for remembering and identifying people -(physical characteristics, sound of the voice, etc.). - -Fortunately, with online communications we have easy access to tools that can -help us navigate these problems. -[OpenPGP](http://en.wikipedia.org/wiki/Openpgp) (a protocol commonly used for -sending signed and encrypted email messagess) is one such tool. In its simplest -form, it allows us to sign our communication in such a way that the recipient -can verify the sender. - -OpenPGP goes beyond this simple use to implement a feature known as the [web of -trust](http://en.wikipedia.org/wiki/Openpgp#Web_of_trust). The web of trust -allows people who have never met in person to communicate with a reasonable -degree of certainty that they are who they say they are. It works like this: -Person A trusts Person B. Person B verifies Person C's identity. Then, Person -A can verify Person C's identity. - -The Monkeyshpere's goal is to extend the use of OpenPGP from email -communications to other activities, such as: - - * trusting the servers we login to - * granting access to servers to people we've never met - -##Technical Details## - -The project's first goal is to integrate with -[OpenSSH](http://en.wikipedia.org/wiki/Openssh). - -OpenSSH provides a functional way for management of explicit RSA keys (without -certification of any type). The basic idea of this project is to create a -framework that uses GPG's keyring manipulation capabilities and public -keyservers to generate files that OpenSSH will accept and handle without -complaint. - -Both entities in an OpenSSH connection (client and server) thus have the -responsibility to explicitly designate who they trust to "introduce" others. -They can explicitly indicate this trust relationship with traditional GPG -keyring trust indicators. No modification is made to the SSH protocol on the -wire, which continues to use raw RSA public keys. +The Monkeysphere project's goal is to extend the web of trust model +and other features of OpenPGP to other areas of the Internet to help +us securely identify each other while we work online. + +Specifically, monkeysphere is a framework to leverage the OpenPGP +web of trust for OpenSSH authentication. In other words, it allows +you to use your OpenPGP keys when using secure shell to both identify +yourself and the servers you administer or connect to. OpenPGP keys +are tracked via GnuPG, and managed in the `known_hosts` and +`authorized_keys` files used by OpenSSH for connection authentication. + +[why?](/why) | [[news]] | [[download]] | [[documentation|doc]] | [[community]] | [[bugs]] + +## Conceptual overview ## + +Everyone who has used secure shell is familiar with the prompt given +the first time you log in to a new server, asking if you want to trust +the server's key by verifying the key fingerprint. Unfortunately, +unless you have access to the server's key fingerprint through a +secure out-of-band channel, there is no way to verify that the +fingerprint you are presented with is in fact that of the server your +really trying to connect to. + +Many users also take advantage of OpenSSH's ability to use RSA or DSA +keys for authenticating to a server (known as +"`PubkeyAuthentication`"), rather than relying on a password exchange. +But again, the public part of the key needs to be transmitted to the +server through a secure out-of-band channel (usually via a separate +password-based SSH connection or a (hopefully signed) e-mail to the +system administrator) in order for this type of authentication to +work. + +[OpenSSH](http://openssh.com/) currently provides a functional way to +manage the RSA and DSA keys required for these interactions through +the `known_hosts` and `authorized_keys` files. However, it lacks any +type of [Public Key Infrastructure +(PKI)](http://en.wikipedia.org/wiki/Public_Key_Infrastructure) that +can verify that the keys being used really are the one required or +expected. + +The basic idea of the Monkeysphere is to create a framework that uses +[GnuPG](http://www.gnupg.org/)'s keyring manipulation capabilities and +public keyserver communication to manage the keys that OpenSSH uses +for connection authentication. + +The Monkeysphere therefore provides an effective PKI for OpenSSH, +including the possibility for key transitions, transitive +identifications, revocations, and expirations. It also actively +invites broader participation in the +[OpenPGP](http://en.wikipedia.org/wiki/Openpgp) [web of +trust](http://en.wikipedia.org/wiki/Web_of_trust). + +## Technical details ## + +Under the Monkeysphere, both parties to an OpenSSH connection (client +and server) explicitly designate who they trust to certify the +identity of the other party. These trust designations are explicitly +indicated with traditional GPG keyring trust models. Monkeysphere +then manages the keys in the `known_hosts` and `authorized_keys` +files directly, in such a way that is completely transparent to SSH. +No modification is made to the SSH protocol on the wire (it continues +to use raw RSA public keys), and no modification is needed to the +OpenSSH software. + +To emphasize: *no modifications to SSH are required to use the +Monkeysphere*. OpenSSH can be used as is; completely unpatched and +"out of the box". + +## Philosophy ## + +Humans (and +[monkeys](http://www.scottmccloud.com/comics/mi/mi-17/mi-17.html)) +have the innate capacity to keep track of the identities of only a +finite number of people. After our social sphere exceeds several dozen +or several hundred (depending on the individual), our ability to +remember and distinguish people begins to break down. In other words, +at a certain point, we can't know for sure that the person we ran into +in the produce aisle really is the same person who we met at the party +last week. + +For most of us, this limitation has not posed much of a problem in our +daily, off-line lives. With the Internet, however, we have an ability +to interact with vastly larger numbers of people than we had +before. In addition, on the Internet we lose many of our tricks for +remembering and identifying people (physical characteristics, sound of +the voice, etc.). + +Fortunately, with online communications we have easy access to tools +that can help us navigate these problems. +[OpenPGP](http://en.wikipedia.org/wiki/Openpgp) (a cryptographic +protocol commonly used for sending signed and encrypted email +messages) is one such tool. In its simplest form, it allows us to +sign our communication in such a way that the recipient can verify the +sender. + +OpenPGP goes beyond this simple use to implement a feature known as +the [web of trust](http://en.wikipedia.org/wiki/Web_of_trust). The web +of trust allows people who have never met in person to communicate +with a reasonable degree of certainty that they are who they say they +are. It works like this: Person A trusts Person B. Person B verifies +Person C's identity. Then, Person A can verify Person C's identity +because of their trust of Person B. + +The Monkeyshpere's broader goals are to extend the use of OpenPGP from +email communications to other activities, such as: + + * conclusively identifying the remote server in a remote login session + * granting access to servers to people we've never directly met + +## Links ## + +* [OpenSSH](http://openssh.com/) +* [GnuPG](http://www.gnupg.org/) +* [Secure Shell Authentication Protocol RFC 4252](http://tools.ietf.org/html/rfc4252) +* [OpenPGP RFC 4880](http://tools.ietf.org/html/rfc4880) ---- This wiki is powered by [ikiwiki](http://ikiwiki.info). -