@trini @Tryphon TOFU is a completely different approach; one I am much more comfortable with.

The only guarantee TOFU gives, is "this is the same key as you were communicating with last time" - which is simple enough that people can reason about it, and yet strong enough that it significantly boosts security.

TOFU is an excellent baseline, people who need more can augment it by verifying keys out of band, pinning keys, etc.

Simplicity matters! For code and UX.

Bad UX = mistakes = insecurity.

ยท Web ยท 1 ยท 2 ยท 4

@trini @Tryphon Another recent development in the PGP world, is WKD, the web key directory.

The security of WKD piggy-backs off TLS and the CA-based trust model of the web.

The WKD promise is "the website at foo.com claims this is the key for user@foo.com". That's a good baseline, assuming user is on friendly terms with his domain and website admin.

WKD is great for institutions and organizations, maybe less awesome for Joe Random Activist.

@HerraBRE @trini @Tryphon still a better start than sks keyservers, though.

also, we need to enhance the pgp key specification, by only allowing signatures that were signed off by the key-owner themselves to be attached to publickeys!

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!