<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Tue, Nov 18, 2014 at 12:01 PM, Tao Effect <span dir="ltr"><<a href="mailto:contact@taoeffect.com" target="_blank" onclick="window.open('https://mail.google.com/mail/?view=cm&tf=1&to=contact@taoeffect.com&cc=&bcc=&su=&body=','_blank');return false;">contact@taoeffect.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div style="word-wrap:break-word"><div>For secure communications systems, I prefer systems that no entity has a monopoly over, without central authorities or points of failure. They're more robust and less prone to tampering. The 51% attack is the worse that can happen with the blockchain, and it amounts only to censorship. The worst that can happen with a central authority, on the other hand, is total compromise.</div></div></blockquote><div><br></div><div>I share similar concerns about Keybase's centralization. Beyond that, they've created bespoke, proprietary protocols which have weird designs IMO (e.g. the "proofs"). I expect a lot of interesting attacks against all of the existing Keybase proofs will become possible when SHA1 second preimage attacks are possible.</div><div><br></div><div>All that said, something needs to replace the SKS model. The UX of the SKS system is horrific.</div><div><br></div><div>I would like to see something similar to Keybase, but open source, designed via an open process, and such that anyone could run a server.</div><div><br></div><div>To that end, the key directory system proposed by Google E2E sounds like the best approach to me.</div></div><div><br></div><div>On Tue, Nov 18, 2014 at 12:29 PM, Maxwell Krohn <span dir="ltr"><<a href="mailto:themax@gmail.com" target="_blank" onclick="window.open('https://mail.google.com/mail/?view=cm&tf=1&to=themax@gmail.com&cc=&bcc=&su=&body=','_blank');return false;">themax@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Storage and availability is centralized, but not trust. Clients don’t trust the server.</blockquote><div><br></div><div>This isn't true. A server is authoritative for a user's latest key fingerprint. In the event of a key compromise, a user needs to update their key, but a malicious key server can perform an attack by continuing to serve the compromised key.</div></div><div><br></div><div>I would look to a system like The Update Framework as inspiration for how next generation key servers should be designed. Rather than writing off these attacks, they try to systematically address all of them:</div><div><br></div><div><a href="http://freehaven.net/~arma/tuf-ccs2010.pdf">http://freehaven.net/~arma/tuf-ccs2010.pdf</a><br></div><div><br></div>-- <br><div>Tony Arcieri<br></div>
</div></div>