From: Daniel Kahn Gillmor Date: Mon, 28 Jul 2008 04:06:03 +0000 (-0400) Subject: merged from jamie mcclelland. X-Git-Tag: monkeysphere_0.5-1~3 X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=150823244a77ba0376b4defc53d0cc7faa15ce78;p=monkeysphere.git merged from jamie mcclelland. --- 150823244a77ba0376b4defc53d0cc7faa15ce78 diff --cc website/index.mdwn index 5fca19c,5cdf4d9..1941733 --- a/website/index.mdwn +++ b/website/index.mdwn @@@ -40,41 -36,26 +40,33 @@@ A can verify Person C's identity The Monkeyshpere's goal is to extend the use of OpenPGP from email communications to other activities, such as: - * trusting the servers we login to - * granting access to servers to people we've never met + * conclusively identifying the remote server in a remote login session + * granting access to servers to people we've never directly met -##Technical Details## +## Technical Details ## The project's first goal is to integrate with -[OpenSSH](http://en.wikipedia.org/wiki/Openssh). - -OpenSSH provides a functional way for management of explicit RSA keys (without -certification of any type). The basic idea of this project is to create a -framework that uses GPG's keyring manipulation capabilities and public -keyservers to generate files that OpenSSH will accept and handle without -complaint. - -Both entities in an OpenSSH connection (client and server) thus have the -responsibility to explicitly designate who they trust to "introduce" others. -They can explicitly indicate this trust relationship with traditional GPG -keyring trust indicators. No modification is made to the SSH protocol on the -wire, which continues to use raw RSA public keys. +[http://openssh.com/](OpenSSH). + +OpenSSH provides a functional way for management of explicit RSA and +DSA keys (without any type of [Public Key Infrastructure +(PKI)](http://en.wikipedia.org/wiki/Public_Key_Infrastructure)). The +basic idea of this project is to create a framework that uses GPG's +keyring manipulation capabilities and public keyservers to generate +files that OpenSSH will accept and handle as intended. This offers +users of OpenSSH an effective PKI, including the possibility for key +transitions, transitive identifications, revocations, and expirations. +It also actively invites broader participation in the OpenPGP Web of +Trust. + +Under the Monkeysphere, both parties to an OpenSSH connection (client +and server) have a responsibility to explicitly designate who they +trust to certify the identity of the other party. This trust +designation is explicitly indicated with traditional GPG keyring trust +model. No modification is made to the SSH protocol on the wire (it +continues to use raw RSA public keys), and it should work with +unpatched OpenSSH software. - ## Site Details ## - - * [[download]] - * [[news]] - * [[documentation|doc]] - * [[bugs]] - * [[contact]] - ---- This wiki is powered by [ikiwiki](http://ikiwiki.info).