ultime 2 slide sui keyserver
This commit is contained in:
parent
a7e08863cd
commit
75240e0a9e
1 changed files with 170 additions and 2 deletions
172
src/slides.md
172
src/slides.md
|
|
@ -360,11 +360,179 @@ Risultato: giugno 2021 [**sks-keyservers.net shutdown**](https://lists.nongnu.or
|
|||
<small>nslookup __${hex(sha256("alice"))}__._openpgpkey.__openpgp.example__.</small>
|
||||
- LDAP, Keybase, Autocrypt, ...
|
||||
|
||||
---
|
||||
<style scoped>
|
||||
p {margin-top: 6px; font-size: 22px}
|
||||
table {font-size: 22px; width: 100%; margin:25px 0 15px 0;}
|
||||
td, th {border: solid 1px #ccc}
|
||||
small em {font-size: 22px}
|
||||
em sup {display: inline-block; margin-left: 10px; font-size: 14px}
|
||||
</style>
|
||||
# Keystore a confronto
|
||||
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th rowspan="2">Property</th>
|
||||
<th colspan="3">General Purpose Keyservers</th>
|
||||
<th colspan="2">Domain-restricted Keyservers</th>
|
||||
<th colspan="3">Non-Keyserver Keystores</th>
|
||||
</tr>
|
||||
<tr>
|
||||
<th>Hockeypuck</th>
|
||||
<th>Hagrid</th>
|
||||
<th>Onak</th>
|
||||
<th>Mailvelope</th>
|
||||
<th>Proton</th>
|
||||
<th>WKD</th>
|
||||
<th>LDAP</th>
|
||||
<th>Keybase</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>Decentralisation</td>
|
||||
<td>Yes<sup>1</sup></td>
|
||||
<td>No</td>
|
||||
<td>Yes<sup>2</sup></td>
|
||||
<td>No</td>
|
||||
<td>No</td>
|
||||
<td>Yes<sup>3</sup></td>
|
||||
<td>No</td>
|
||||
<td>No</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Generality</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>No</td>
|
||||
<td>No</td>
|
||||
<td>No</td>
|
||||
<td>No</td>
|
||||
<td>Yes</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>UID verification</td>
|
||||
<td>No</td>
|
||||
<td>Yes</td>
|
||||
<td>No</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>No</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Non-email UIDs</td>
|
||||
<td>Yes</td>
|
||||
<td>No</td>
|
||||
<td>Yes</td>
|
||||
<td>No</td>
|
||||
<td>No</td>
|
||||
<td>No</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>UID search</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes<sup>(?)</sup></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Fingerprint search</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>No</td>
|
||||
<td>Yes</td>
|
||||
<td>No</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Certifications</td>
|
||||
<td>Yes</td>
|
||||
<td>Limited</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Self-sovereignty</td>
|
||||
<td>In progress</td>
|
||||
<td>Limited</td>
|
||||
<td>No</td>
|
||||
<td>Yes<sup>(?)</sup></td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Key deletion</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes<sup>(?)</sup></td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>HKP API</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Yes</td>
|
||||
<td>Limited</td>
|
||||
<td>Limited</td>
|
||||
<td>No</td>
|
||||
<td>No</td>
|
||||
<td>No</td>
|
||||
</tr>
|
||||
</thead>
|
||||
</table>
|
||||
|
||||
<small>_<sup>1</sup>By syncronization <sup>2</sup>By forwarding <sup>3</sup>By delegation_</small>
|
||||
|
||||
Fonte: Andrew Gallagher, [_The State of the Keyservers in 2024_](https://blog.pgpkeys.eu/state-keyservers-2024.html) (gennaio 2024)
|
||||
|
||||
---
|
||||
# TODO
|
||||
<style scoped>
|
||||
p{margin-top: 10px; font-size: 22px}
|
||||
table {font-size: 19px; width: 100%;margin-top:10px;}
|
||||
td, th {border: solid 1px #ccc}
|
||||
em small {font-size: 22px}
|
||||
em sup {display: inline-block; margin-left: 10px; font-size: 14px}
|
||||
</style>
|
||||
# Keystore a confronto
|
||||
|
||||
| | autocrypt | attachment | embedded certificate subpacket | URL header | HKP over email | HKPS | WKD | DANE | Tor OHTTP+HKP |
|
||||
| ------------------------------ | --------- | ----------- | ------------------------------ | ---------- | ---------------- | ----------- | ----------- | ------------- | ------------- |
|
||||
| transport method | inband | inband | inband | inband | inband | out of band | out of band | out of band | out of band |
|
||||
| no leakage | ✓ | ✓ | ✓ | | | | | | ✓ |
|
||||
| constrained network | ✓ | ✓ | ✓ | | ✓ | | | | |
|
||||
| no SPOF | ✓ | ✓ | ✓ | | ✓ | ? | ✓ | ✓ | ? |
|
||||
| zero roundtrip | ? | | | | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||
| independent of domain operator | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | | | ✓ |
|
||||
| freshness | | | | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||
| freshness for opt out | ? | | | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||
| easy delegation | | | | | | | ? | ✓ | |
|
||||
| integrity in transit | | ✓ (if DKIM) | ✓ (if DKIM) | | ✓ (if DKIM) | ✓ | ✓ | ✓ (if DNSSEC) | ✓ |
|
||||
| minimal work for user | ✓ | | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||
|
||||
Fonte: [_Minutes of the 8th OpenPGP Email Summit_](https://www.openpgp.org/community/email-summit/2024/minutes/) (giugno 2024)
|
||||
|
||||
todo
|
||||
|
||||
|
||||
---
|
||||
|
|
|
|||
Loading…
Reference in a new issue