From a7e08863cd4d9a1ba22615bbf1f6ae7c7520439a Mon Sep 17 00:00:00 2001 From: Fabrizio T Date: Sun, 10 Nov 2024 12:06:32 +0100 Subject: [PATCH] slide 17-18 (keyserver) --- src/slides.md | 43 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 41 insertions(+), 2 deletions(-) diff --git a/src/slides.md b/src/slides.md index 9ab1fd5..d547a65 100644 --- a/src/slides.md +++ b/src/slides.md 
@@ -320,6 +320,47 @@ E ancora: Forward secrecy, Context binding, Web of Trust, Key Verification, ... - Proposta "Replacement Key": avere due chiavi, una v4 e una v6, reciprocamente firmate; un meccanismo semiautomatico gestisce retrieve e fallback +--- + +# Key distribution/discovery: problemi + +Voglio scrivere a alice@openpgp.example, dove trovo la chiave pubblica? + +- Keyserver tradizionali (PKS, SKS) + - Problemi legali: GDPR + - Problemi tecnici: _Certificate flooding_ e altri abusi + - _Trolling the Web of Trust_ - [Micah Lee OHM2013](https://github.com/micahflee/trollwot) + - _The SKS keyserver network is dying_ - [dkg 2019](https://lists.riseup.net/www/arc/monkeysphere/2019-04/msg00004.html) + - _Community Impact of OpenPGP Certificate Flooding_ - [dkg 2019](https://dkg.fifthhorseman.net/blog/community-impact-openpgp-cert-flooding.html) + +Risultato: giugno 2021 [**sks-keyservers.net shutdown**](https://lists.nongnu.org/archive/html/sks-devel/2021-06/msg00001.html) + +--- + +# Key distribution/discovery: proposte + +- [_Abuse Resistant Keystores_](https://datatracker.ietf.org/doc/draft-dkg-openpgp-abuse-resistant-keystore/) + - _Verifying Keyservers (VKS)_ + - [_First-Party Approved Third-Party Certifications_](https://datatracker.ietf.org/doc/draft-dkg-openpgp-1pa3pc/) + - [_Timestamp aware merge strategy_](https://github.com/hockeypuck/hockeypuck/wiki/HIP-3:-Timestamp-aware-merge-strategy) + +- [Web Key Directory](https://datatracker.ietf.org/doc/draft-koch-openpgp-webkey-service) Draft 2016 - Work In Progress + https://openpgpkey.__openpgp.example__/.well-known/openpgpkey/__openpgp.example__/hu/__${zbase32(sha1("alice"))}__?l=__alice__ +- DNS (DANE) [RFC 7929](https://datatracker.ietf.org/doc/html/rfc7929) (2016) + nslookup __${hex(sha256("alice"))}__._openpgpkey.__openpgp.example__. +- LDAP, Keybase, Autocrypt, ... + + --- # TODO 
@@ -361,8 +402,6 @@ https://blog.pgpkeys.eu/state-keyservers-2024.html - OpenPGP for application developers https://openpgp.dev/book/ - - ---
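Review bot: In the "DNS (DANE)" bullet of the first hunk, the lookup label is given as `${hex(sha256("alice"))}`, but RFC 7929 (linked on the same line) truncates the SHA2-256 digest of the local part to 28 octets before hex-encoding it, so the label is 56 hex characters rather than the full 64. Suggest making the truncation visible on the slide, for example `${hex(sha256("alice")[:28])}`. The record type defined by that RFC is OPENPGPKEY, so the `nslookup` line should also state the query type; as written it would not ask for the key record. A smaller style point in the same hunk: the `__...__` emphasis inside the bare WKD URL and directly next to `_openpgpkey` mixes literal and markup underscores, so it is worth checking how the slide renders, or marking the variable parts some other way.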