Request for Discussion: new/PubKeyDistributionConcept/FallbackServer
Neal H. Walfield
neal at walfield.org
Tue Jun 14 20:29:54 CEST 2016
On Tue, 14 Jun 2016 20:13:57 +0200,
Werner Koch wrote:
> On Tue, 14 Jun 2016 17:34, neal at walfield.org said:
>
> > This is where we disagree. I think it will be harder to get MSPs to
> > upgrade, because they will say something like: hey, we already have
> > the solution that you wanted! And, this new one only adds additional
>
> The problem is that CONIKS is an entirely new system with many open
> questions. What they have is a prototype but zero experience with
> deployment.
FWIW, Google began to work on Coniks in May 2015.
https://lists.cs.princeton.edu/mailman/private/coniks/2015-May/000000.html
> Further, CONIKS is an entirely new service to deploy which
> requires new infrastructure (servers, HSMs, failure procedures, and so
> on) and requires the involvement of several departments at an ISP.
>
> I got from a large provider a quote of 200kEUR of internal costs for
> setting up that simple and standard Web Key Directory method. How much
> do you think will it need to deploy an entirely new service which has
> only a Java prototype implementation right now and is missing the parts
> of the protocol.
Sure. I don't dispute that the implementation is a lot of work. I
just speculate that the human side is more work and doubly so when
trying to convince ISPs to do an upgrade that increases their
liability.
:) Neal
More information about the Gnupg-devel
mailing list