author     Micah Anderson <micah@riseup.net>  2008-09-03 15:28:30 -0400
committer  Micah Anderson <micah@riseup.net>  2008-09-03 15:28:30 -0400
commit     86f97d40d6fb60f7dde3c7e3a8aab0124f151d35 (patch)
tree       94f62ff48a5ad9e4e65deec7b2fe606f2190555b
parent     1e26301ec4cd2afc45c968c3fe3d77bf296b03fb (diff)
parent     52d692d728d7d56ec0f17e0a9afbb6579a7eece9 (diff)
Merge commit 'dkg/master'
-rw-r--r--  Makefile  2
-rw-r--r--  debian/changelog  16
-rw-r--r--  debian/control  2
-rw-r--r--  debian/monkeysphere.docs  4
-rw-r--r--  doc/MonkeySpec  154
l---------  doc/README  1
l---------  doc/README.admin  1
-rw-r--r--  doc/ikiwiki.setup.sample  29
-rw-r--r--  man/man1/monkeysphere-ssh-proxycommand.1  7
-rw-r--r--  man/man1/monkeysphere.1  4
-rw-r--r--  man/man8/monkeysphere-server.8  4
-rw-r--r--  src/common  22
-rwxr-xr-x  src/monkeysphere  8
-rwxr-xr-x  src/monkeysphere-server  14
-rwxr-xr-x  src/monkeysphere-ssh-proxycommand  14
-rw-r--r--  website/archive-key.mdwn  26
-rw-r--r--  website/bugs.mdwn  3
-rw-r--r--  website/bugs/done.mdwn  2
-rw-r--r--  website/bugs/handle-passphrase-locked-secret-keys.mdwn  20
-rw-r--r--  website/bugs/monkeysphere-ssh-proxycommand-quiet-option.mdwn  4
-rw-r--r--  website/bugs/setup-test-server-for-public.mdwn  7
-rw-r--r--  website/community.mdwn  7
-rw-r--r--  website/doc.mdwn  1
-rw-r--r--  website/download.mdwn  4
-rw-r--r--  website/index.mdwn  70
-rw-r--r--  website/local.css  62
-rw-r--r--  website/mirrors.mdwn  81
-rw-r--r--  website/news.mdwn  1
-rw-r--r--  website/news/apt-repo-moved.mdwn  7
-rw-r--r--  website/news/release-0.12-1.mdwn  9
-rw-r--r--  website/sidebar.mdwn (renamed from website/templates/nav.mdwn)  0
-rw-r--r--  website/similar.mdwn  1
-rw-r--r--  website/trust-models.mdwn  21
-rw-r--r--  website/why.mdwn  44
34 files changed, 380 insertions, 272 deletions
diff --git a/Makefile b/Makefile
index aaf9d65..1e0b649 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ keytrans:
release: clean
rm -rf monkeysphere-$(MONKEYSPHERE_VERSION)
mkdir -p monkeysphere-$(MONKEYSPHERE_VERSION)/doc
- ln -s ../../doc/README ../../doc/README.admin ../../doc/TODO ../../doc/MonkeySpec monkeysphere-$(MONKEYSPHERE_VERSION)/doc
+ ln -s ../../website/getting-started-user.mdwn ../../website/getting-started-admin.mdwn ../../doc/TODO ../../doc/MonkeySpec monkeysphere-$(MONKEYSPHERE_VERSION)/doc
ln -s ../COPYING ../etc ../Makefile ../man ../src monkeysphere-$(MONKEYSPHERE_VERSION)
tar -ch monkeysphere-$(MONKEYSPHERE_VERSION) | gzip -n > monkeysphere_$(MONKEYSPHERE_VERSION).orig.tar.gz
rm -rf monkeysphere-$(MONKEYSPHERE_VERSION)
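Review bot: the release tarball no longer contains a file named README. With the `ln -s src... dir` form the links are created under their basenames, so the tarball's doc directory gets `getting-started-user.mdwn` and `getting-started-admin.mdwn` (dereferenced by `tar -ch`), while `doc/README` and `doc/README.admin` vanish together with the symlinks deleted further down in this diff. Consider naming the links explicitly, e.g. `ln -s ../../website/getting-started-user.mdwn monkeysphere-$(MONKEYSPHERE_VERSION)/doc/README`, so someone unpacking the tarball still finds the usual entry point.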
diff --git a/debian/changelog b/debian/changelog
index 1cc1dd8..206ddd7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,22 @@
-monkeysphere (0.12-1) UNRELEASED; urgency=low
+monkeysphere (0.13~pre-1) UNRELEASED; urgency=low
+ [ Daniel Kahn Gillmor ]
+ * tweaks in /usr/bin/monkeysphere to handle odd secret keyrings.
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 02 Sep 2008 21:28:51 -0400
+
+monkeysphere (0.12-1) experimental; urgency=low
+
+ [ Jameson Graef Rollins ]
* Improved output handling. New LOG_LEVEL variable.
+
+ [ Daniel Kahn Gillmor ]
* debian/control: switched Homepage: and Vcs-Git: to canonicalized
upstream hostnames.
+ * updated documentation for new release.
+ * changed my associated e-mail address for this package.
- -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Mon, 01 Sep 2008 23:55:56 -0700
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 02 Sep 2008 18:54:29 -0400
monkeysphere (0.11-1) experimental; urgency=low
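Review bot: the 0.13~pre-1 entry's only line, "tweaks in /usr/bin/monkeysphere to handle odd secret keyrings", does not say what the tweak is. The matching src/monkeysphere hunks add `sort -u` to the secret-key listing and switch a count to `grep -c`, i.e. they cope with the same key ID appearing more than once in the secret keyring, and the entry should say so. Neither entry mentions the new VERBOSE log level introduced in the man pages and src/common in this diff; since many messages move from info to verbose, it changes what users see at the default INFO level and deserves its own changelog line.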
diff --git a/debian/control b/debian/control
index ca07a5d..50bc1f1 100644
--- a/debian/control
+++ b/debian/control
@@ -1,7 +1,7 @@
Source: monkeysphere
Section: net
Priority: extra
-Maintainer: Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>
+Maintainer: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Uploaders: Jameson Rollins <jrollins@fifthhorseman.net>
Build-Depends: debhelper (>= 7.0), libgnutls-dev (>= 2.4.0), git-core
Standards-Version: 3.8.0.1
diff --git a/debian/monkeysphere.docs b/debian/monkeysphere.docs
index 595e6c8..b677881 100644
--- a/debian/monkeysphere.docs
+++ b/debian/monkeysphere.docs
@@ -1,3 +1,3 @@
-doc/README
-doc/README.admin
+website/getting-started-user.mdwn
+website/getting-started-admin.mdwn
doc/MonkeySpec
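Review bot: the package now installs the ikiwiki sources `website/getting-started-user.mdwn` and `website/getting-started-admin.mdwn` as documentation, so they land under the package doc directory with their `.mdwn` names and with ikiwiki directives such as `[[meta title=...]]` and `[[toc ]]` (visible in the website hunks below) shown as raw text, and the package no longer ships a README. If plain text is the intent, add a build step that renders or strips the directives, or at least install a short README pointing at the two files.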
diff --git a/doc/MonkeySpec b/doc/MonkeySpec
index 54aaa72..66f44b0 100644
--- a/doc/MonkeySpec
+++ b/doc/MonkeySpec
@@ -1,59 +1,23 @@
THE MONKEYSPHERE
================
-AGENDA
-======
-[x] clowning
-[ ] work
-[x] jrollins will talk and gesture - in progress
-
-MONKEYNAMES
-===========
-
-rhesus, marmoset, howler, langur, tamarin, barbary
-
-COMPONENTS
-==========
-
-(names in "" are code names until we think of better ones.)
-
-common components
------------------
-* "rhesus": update known_hosts/authorized_keys files:
- - be responsible for removing keys from the file as key revocation
- happens
- - be responsible for updating a key in the file where there is a key
- replacement
- - must result in a file that is parsable by the existing ssh client
- without errors
- - manual management must be allowed without stomping on it
- - provide a simple, intelligible, clear policy for key acceptance
-
-* "langur": policy-editor for viewing/editing policies
-
-* gpg2ssh: utility to convert gpg keys to ssh
- known_hosts/authorized_keys lines
-
-* ssh2gpg: create openpgp keypair from ssh keypair
+Monkeysphere is authentication layer that allows the sysadmin to
+perform authorization on OpenPGP user identities instead of on keys.
+It also allows end users to authenticate/identify the ssh server they
+are connecting to by checking the sysadmin's certification.
-server-side components
-----------------------
-* "howler": server gpg maintainer
- - generate gpg keys for the server
- - publish server gpg keys
- - give owner trust to keys for user authentication
+* GENERAL GOAL - use openpgp web-of-trust to authenticate ppl for SSH
+* SPECIFIC GOAL - allow openssh to tie into pgp web-of-trust without
+ modifying the openpgp spec, gpg or openssh
+* DESIGN GOALS - authentication, use the existing generic OpenSSH
+ client, the admin can make it default, although end-user should be
+ decide to use monkeysphere or not
+* DESIGN GOAL - use of monkeysphere should not radically change
+ connecting-to-server experience
-* "tamarin": concept - how to trigger or schedule rhesus at admin defined
- points (e.g. via cron or during ssh connections).
+Host identity piece of monkeysphere could be used without buying into
+the user authentication component.
-client-side components
-----------------------
-* "marmoset": concept - how to trigger rhesus during attempt to initiate
- connection to server
- - runs on connection to a certain host
- - triggers update to known_hosts file then makes connection
- - proxy-command | pre-hook script | wrapper script
- - (ssh_config "LocalCommand" is only run *after* connection)
USE CASE
========
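Review bot: grammar in the new introduction and goal list: "Monkeysphere is authentication layer" needs an article ("is an authentication layer"), and "although end-user should be decide to use monkeysphere or not" should read "although the end user should be able to decide whether to use monkeysphere or not". "DESIGN GOALS" and "DESIGN GOAL" label the same kind of item, so pick one, and "ppl" is better spelled out in a spec document.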
@@ -69,93 +33,49 @@ their personal gpg keys to the web of trust, and being good friends,
have both signed each other's keys and marked each others keys with
"full" ownertrust.
-When Alice set up mangabey initially, she used howler to publish a gpg
-key for the machine with the special userid of
-"ssh://mangabey.example.org". She also signed mangabey's gpg key and
-published this certification to commonly-used keyservers. Alice also
-configured mangabey to treat her own key with full ownertrust (could
-this be done as part of the howler invocation?)
+When Alice set up mangabey initially, she published an OpenPGP key for
+the machine with the special userid of "ssh://mangabey.example.org".
+She also signed mangabey's OpenPGP key and published this
+certification to commonly-used keyservers. Alice also configured
+mangabey to treat her own key with full ownertrust, so that it knows
+how to identify connecting users.
Now, Alice creates a user account "bob" on mangabey, and puts Bob's
userid ("Bob <bob@example.org>") in the authorized_user_ids file for
-user bob on mangabey. tamarin triggers on mangabey either by a
-cronjob or an inotify hook, and invokes rhesus for the "bob" account.
-rhesus automatically takes each userid in bob's authorized_user_ids
-file, and looks on a keyserver to find all public keys associated with
-that user ID, with the goal of populating the authorized_keys file for
-bob@mangabey.
+user bob on mangabey. The monkeysphere automatically (via cron or
+inotify hook) takes each userid in bob's authorized_user_ids file, and
+looks on a keyserver to find all public keys associated with that user
+ID, with the goal of populating the authorized_keys file for
+bob@mangabey.
In particular: for each key found, the server evaluates the calculated
validity of the specified user ID based on the ownertrust rules it has
configured ("trust alice's certifications fully", in this example).
For each key for which the user ID in question is fully-valid, it
extracts all DSA- or RSA-based primary or secondary keys marked with
-usage flags for encrypted communications and authentication, and
-converts these gpg public keys into ssh public keys. Finally, rhesus
-inserts these calculated public keys into the authorized_keys file for
-bob.
+the authentication usage flag, and converts these OpenPGP public keys
+into ssh public keys. These keys are automatically placed into the
+authorized_keys file for bob.
Bob now attempts to connect, by firing up a terminal and invoking:
"ssh bob@mangabey.example.org". Bob's monkeysphere-enabled ssh client
notices that mangabey.example.org isn't already available in bob's
-known_hosts file, and triggers rhesus (on Bob's computer) to fetch the
-key for mangabey, with the goal of populating Bob's local known_hosts
+known_hosts file, and fetches the host key for mangabey from the
+public keyservers, with the goal of populating Bob's local known_hosts
file.
-In particular: rhesus queries its configured keyservers to find all
-public keys with User ID ssh://mangabey.example.org. For each public
-key found, rhesus checks the relevant User ID's validity, converts any
-"encrypted comms, authentication" gpg public keys into ssh public keys
-if the User ID validity is acceptable, and finally insert those keys
-into Bob's known_hosts file.
+In particular: the monkeysphere queries its configured keyservers to
+find all public keys with User ID ssh://mangabey.example.org. For
+each public key found, it checks the relevant User ID's validity,
+converts any authentication-capable OpenPGP public keys into ssh
+public keys if the User ID validity is acceptable, and finally insert
+those keys into Bob's known_hosts file.
On Bob's side, since mangabey's key had "full" validity (it was signed
-by Alice whom he fully trusts), Bob's ssh client deems mangabey
+by Alice, whom he fully trusts), Bob's ssh client deems mangabey
"known" and no further host key checking is required.
On mangabey's side, since Bob's key has "full" validity (it had been
signed by Alice, mangabey's trusted administrator), Bob is
authenticated and therefore authorized to log into his account.
-NOTES
-=====
-
-* Daniel and Elliot lie. <check>
-* We will use a distributed VCS, each developer will create their own
- git repository and publish it publicly for others to pull from, mail
- out
-* public project page doesn't perhaps make sense yet
-* approximate goal - using the web of trust to authenticate ppl for
- SSH
-* outline of various components of monkeysphere
-* M: what does it mean to be in the monkeysphere? not necessarily a
- great coder.
-* J: interested in seeing project happen, not in actually doing it.
- anybody can contribute as much as they want.
-* J: if we put the structure in place to work on monkeysphere then we
- don't have to do anything
-* D: we are not creating
-* understand gpg's keyring better, understanding tools better,
- building scripts
-* Some debian packages allow automated configuration of config files.
-
-* GENERAL GOAL - use openpgp web-of-trust to authenticate ppl for SSH
-* SPECIFIC GOAL - allow openssh to tie into pgp web-of-trust without
- modifying either openpgp and openssh
-* DESIGN GOALS - authentication, use the existing generic OpenSSH
- client, the admin can make it default, although end-user should be
- decide to use monkeysphere or not
-* DESIGN GOAL - use of monkeysphere should not radically change
- connecting-to-server experience
-* GOAL - pick a monkey-related name for each component
-
-Host identity piece of monkeysphere could be used without buying into
-the authorization component.
-
-Monkeysphere is authentication layer that allows the sysadmin to
-perform authorization on user identities instead of on keys, it
-additionally allows the sysadmin also to authenticate the server to
-the end-user.
-
-see doc/git-init for more detail on how to pull from the distributed
-repositories.
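Review bot: "and finally insert those keys into Bob's known_hosts file" should be "inserts", to agree with "checks" and "converts" earlier in the sentence (the error was carried over from the removed text). Narrowing "usage flags for encrypted communications and authentication" to "the authentication usage flag" matches what src/common actually extracts, so that wording change is welcome. The removed pointer "see doc/git-init for more detail on how to pull from the distributed repositories" has no replacement; if that file still exists, the reference belongs in website/community.mdwn next to the clone URLs.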
diff --git a/doc/README b/doc/README
deleted file mode 120000
index f6ea1dd..0000000
--- a/doc/README
+++ /dev/null
@@ -1 +0,0 @@
-../website/getting-started-user.mdwn \ No newline at end of file
diff --git a/doc/README.admin b/doc/README.admin
deleted file mode 120000
index dea47b6..0000000
--- a/doc/README.admin
+++ /dev/null
@@ -1 +0,0 @@
-../website/getting-started-admin.mdwn \ No newline at end of file
diff --git a/doc/ikiwiki.setup.sample b/doc/ikiwiki.setup.sample
new file mode 100644
index 0000000..97e77c8
--- /dev/null
+++ b/doc/ikiwiki.setup.sample
@@ -0,0 +1,29 @@
+use IkiWiki::Setup::Standard {
+ wikiname => "Monkeysphere",
+ adminemail => 'webmaster@monkeysphere.info',
+
+ srcdir => "/path/to/cloned/monkeysphere/repo/website",
+ destdir => "/path/to/web/dir",
+
+ url => "http://monkeysphere.info",
+
+ rcs => "git",
+
+ wrappers => [
+ {
+ wrapper => "/path/to/post-receive/hook",
+ wrappermode => "0755",
+ }
+ ],
+
+ rss => 1,
+ atom => 1,
+ verbose => 0,
+ syslog => 0,
+
+ add_plugins => [qw{goodstuff favicon toc sidebar}],
+
+
+ tagbase => "tags",
+
+}
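Review bot: the sample does not say where the `wrapper => "/path/to/post-receive/hook"` binary has to live (it is ikiwiki's git hook wrapper, so it goes into the hooks directory of the bare repository that receives pushes) or that `srcdir` must be a working tree ikiwiki can pull into; a one-line comment above `wrappers` would save the next admin a trip to the ikiwiki documentation. Minor: stray double blank line before `tagbase`.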
diff --git a/man/man1/monkeysphere-ssh-proxycommand.1 b/man/man1/monkeysphere-ssh-proxycommand.1
index c3c7993..41b2e40 100644
--- a/man/man1/monkeysphere-ssh-proxycommand.1
+++ b/man/man1/monkeysphere-ssh-proxycommand.1
@@ -37,7 +37,7 @@ connection to the host itself.
.SH KEYSERVER CHECKING
The proxy command has a fairly nuanced policy for when keyservers are
-queried when processing host. If the host userID is not found in
+queried when processing a host. If the host userID is not found in
either the user's keyring or in the known_hosts file, then the
keyserver is queried for the host userID. If the host userID is found
in the user's keyring, then the keyserver is not checked. This
@@ -55,11 +55,6 @@ All environment variables defined in monkeysphere(1) can also be used
for the proxy command, with one note:
.TP
-MONKEYSPHERE_LOG_LEVEL
-Set the log level. Can be SILENT, ERROR, INFO, DEBUG, in increasing
-order of verbosity.
-
-.TP
MONKEYSPHERE_CHECK_KEYSERVER
Setting this variable (to `true' or `false') will override the policy
defined in KEYSERVER CHECKING above.
diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1
index 26327f4..b0c896f 100644
--- a/man/man1/monkeysphere.1
+++ b/man/man1/monkeysphere.1
@@ -84,8 +84,8 @@ The following environment variables will override those specified in
the monkeysphere.conf configuration file (defaults in parentheses):
.TP
MONKEYSPHERE_LOG_LEVEL
-Set the log level. Can be SILENT, ERROR, INFO, DEBUG, in increasing
-order of verbosity.
+Set the log level (INFO). Can be SILENT, ERROR, INFO, VERBOSE, DEBUG,
+in increasing order of verbosity.
.TP
MONKEYSPHERE_GNUPGHOME, GNUPGHOME
GnuPG home directory (~/.gnupg).
diff --git a/man/man8/monkeysphere-server.8 b/man/man8/monkeysphere-server.8
index b63f659..25dfac7 100644
--- a/man/man8/monkeysphere-server.8
+++ b/man/man8/monkeysphere-server.8
@@ -183,8 +183,8 @@ the monkeysphere-server.conf configuration file (defaults in
parentheses):
.TP
MONKEYSPHERE_LOG_LEVEL
-Set the log level. Can be SILENT, ERROR, INFO, DEBUG, in increasing
-order of verbosity.
+Set the log level (INFO). Can be SILENT, ERROR, INFO, VERBOSE, DEBUG, in
+increasing order of verbosity.
.TP
MONKEYSPHERE_KEYSERVER
OpenPGP keyserver to use (subkeys.pgp.net).
diff --git a/src/common b/src/common
index 3b3b7a5..7768335 100644
--- a/src/common
+++ b/src/common
@@ -42,7 +42,7 @@ log() {
# list in decreasing verbosity (all caps).
# separate with $IFS explicitly, since we do some fancy footwork
# elsewhere.
- alllevels="DEBUG${IFS}INFO${IFS}ERROR"
+ alllevels="DEBUG${IFS}VERBOSE${IFS}INFO${IFS}ERROR"
# translate lowers to uppers in global log level
LOG_LEVEL=$(echo "$LOG_LEVEL" | tr "[:lower:]" "[:upper:]")
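Review bot: `alllevels` now reads DEBUG, VERBOSE, INFO, ERROR, but the man pages in this same diff document SILENT as a valid MONKEYSPHERE_LOG_LEVEL value. If log() decides whether to print by locating $LOG_LEVEL in this list, SILENT will never be found; confirm it is handled (treated as "print nothing") or add it to the list, and make the documented order (SILENT, ERROR, INFO, VERBOSE, DEBUG) and this list agree so the two cannot drift apart again.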
@@ -485,7 +485,7 @@ process_user_id() {
# if the gpg query return code is not 0, return 1
if [ "$?" -ne 0 ] ; then
- log info " no primary keys found."
+ log verbose " no primary keys found."
return 1
fi
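Review bot: demoting "no primary keys found" to verbose hides a condition worth seeing at the default INFO level. In process_user_id it means a user ID listed in authorized_user_ids resolved to no key at all, so that person cannot log in and the admin gets no hint unless the log level is raised. Consider keeping it at info, or at error as was done for the unknown-user case in monkeysphere-server in this same diff.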
@@ -502,7 +502,7 @@ process_user_id() {
lastKeyOK=
fingerprint=
- log info " primary key found: $keyid"
+ log verbose " primary key found: $keyid"
# if overall key is not valid, skip
if [ "$validity" != 'u' -a "$validity" != 'f' ] ; then
@@ -551,7 +551,7 @@ process_user_id() {
# output a line for the primary key
# 0 = ok, 1 = bad
if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then
- log info " * acceptable primary key."
+ log verbose " * acceptable primary key."
if [ -z "$sshKey" ] ; then
log error " ! primary key could not be translated (not RSA or DSA?)."
else
@@ -607,7 +607,7 @@ process_user_id() {
# output a line for the sub key
# 0 = ok, 1 = bad
if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then
- log info " * acceptable sub key."
+ log verbose " * acceptable sub key."
if [ -z "$sshKey" ] ; then
log error " ! sub key could not be translated (not RSA or DSA?)."
else
@@ -642,7 +642,7 @@ process_host_known_hosts() {
host="$1"
userID="ssh://${host}"
- log info "processing: $host"
+ log verbose "processing: $host"
nKeys=0
nKeysOK=0
@@ -743,7 +743,7 @@ update_known_hosts() {
# note if the known_hosts file was updated
if [ "$(file_hash "$KNOWN_HOSTS")" != "$fileCheck" ] ; then
- log info "known_hosts file updated."
+ log verbose "known_hosts file updated."
fi
# if an acceptable host was found, return 0
@@ -766,7 +766,7 @@ update_known_hosts() {
process_known_hosts() {
local hosts
- log info "processing known_hosts file..."
+ log verbose "processing known_hosts file..."
hosts=$(meat "$KNOWN_HOSTS" | cut -d ' ' -f 1 | grep -v '^|.*$' | tr , ' ' | tr '\n' ' ')
@@ -791,7 +791,7 @@ process_uid_authorized_keys() {
userID="$1"
- log info "processing: $userID"
+ log verbose "processing: $userID"
nKeys=0
nKeysOK=0
@@ -886,7 +886,7 @@ update_authorized_keys() {
# note if the authorized_keys file was updated
if [ "$(file_hash "$AUTHORIZED_KEYS")" != "$fileCheck" ] ; then
- log info "authorized_keys file updated."
+ log verbose "authorized_keys file updated."
fi
# if an acceptable id was found, return 0
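Review bot: "authorized_keys file updated." (and "known_hosts file updated." in the update_known_hosts hunk above) now print only at verbose. Both messages announce that a file controlling who may log in, or which hosts are trusted, has just been rewritten; that is the one line a user running at the default INFO level most wants to see. Suggest leaving these two at info and demoting only the per-key chatter.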
@@ -913,7 +913,7 @@ process_authorized_user_ids() {
authorizedUserIDs="$1"
- log info "processing authorized_user_ids file..."
+ log verbose "processing authorized_user_ids file..."
if ! meat "$authorizedUserIDs" > /dev/null ; then
log error "no user IDs to process."
diff --git a/src/monkeysphere b/src/monkeysphere
index b0003fc..471da20 100755
--- a/src/monkeysphere
+++ b/src/monkeysphere
@@ -93,7 +93,7 @@ gen_subkey(){
if [ -z "$1" ] ; then
# find all secret keys
- keyID=$(gpg --with-colons --list-secret-keys | grep ^sec | cut -f5 -d:)
+ keyID=$(gpg --with-colons --list-secret-keys | grep ^sec | cut -f5 -d: | sort -u)
# if multiple sec keys exist, fail
if (( $(echo "$keyID" | wc -l) > 1 )) ; then
echo "Multiple secret keys found:"
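Review bot: `sort -u` collapses repeated `sec` records, which is presumably the "odd secret keyrings" case from the changelog, but the check right below still uses `echo "$keyID" | wc -l`, which reports 1 for an empty result, so a keyring with no secret key at all passes the "multiple keys" test with an empty $keyID. Since the next hunk switches the same idiom to `grep -c '^sec:'`, do the same here and add an explicit empty check (e.g. `[ -z "$keyID" ]`) with a clear failure message.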
@@ -115,7 +115,7 @@ key before joining the monkeysphere. You can do this with:
# fail if multiple sec lines are returned, which means the id
# given is not unique
- if [ $(echo "$gpgOut" | grep '^sec:' | wc -l) -gt '1' ] ; then
+ if [ $(echo "$gpgOut" | grep -c '^sec:') -gt '1' ] ; then
failure "Key ID '$keyID' is not unique."
fi
@@ -146,7 +146,7 @@ save
EOF
)
- log info "generating subkey..."
+ log verbose "generating subkey..."
fifoDir=$(mktemp -d)
(umask 077 && mkfifo "$fifoDir/pass")
echo "$editCommands" | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" &
@@ -155,7 +155,7 @@ EOF
rm -rf "$fifoDir"
wait
- log info "done."
+ log verbose "done."
}
function subkey_to_ssh_agent() {
diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index ad94786..4c7df19 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -157,7 +157,7 @@ update_users() {
for uname in $unames ; do
# check all specified users exist
if ! getent passwd "$uname" >/dev/null ; then
- log info "----- unknown user '$uname' -----"
+ log error "----- unknown user '$uname' -----"
continue
fi
@@ -173,17 +173,17 @@ update_users() {
fi
fi
- log info "----- user: $uname -----"
+ log verbose "----- user: $uname -----"
# exit if the authorized_user_ids file is empty
if ! check_key_file_permissions "$uname" "$AUTHORIZED_USER_IDS" ; then
- log error "Improper permissions on authorized_user_ids file path."
+ log error "Improper permissions on path '$AUTHORIZED_USER_IDS'."
continue
fi
# check permissions on the authorized_keys file path
if ! check_key_file_permissions "$uname" "$RAW_AUTHORIZED_KEYS" ; then
- log error "Improper permissions on authorized_keys file path path."
+ log error "Improper permissions on path '$RAW_AUTHORIZED_KEYS'."
continue
fi
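Review bot: the comment above the first check, "# exit if the authorized_user_ids file is empty", does not describe the code under it, which is a permissions check on `$AUTHORIZED_USER_IDS`; the new messages that name the path make the mismatch more noticeable. Update it to "check permissions on the authorized_user_ids file path", mirroring the comment for `$RAW_AUTHORIZED_KEYS` below. Printing the offending path in the error is a good improvement.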
@@ -227,7 +227,7 @@ update_users() {
# add user-controlled authorized_keys file path if specified
if [ "$rawAuthorizedKeys" != '-' -a -s "$rawAuthorizedKeys" ] ; then
- log info "adding raw authorized_keys file... "
+ log verbose "adding raw authorized_keys file... "
cat "$rawAuthorizedKeys" >> "$AUTHORIZED_KEYS"
fi
@@ -346,7 +346,7 @@ EOF
EOF
)
- log info "generating server key..."
+ log verbose "generating server key..."
echo "$keyParameters" | gpg_host --batch --gen-key
# output the server fingerprint
@@ -356,7 +356,7 @@ EOF
fingerprint=$(fingerprint_server_key)
# export host ownertrust to authentication keyring
- log info "setting ultimate owner trust for server key..."
+ log verbose "setting ultimate owner trust for server key..."
echo "${fingerprint}:6:" | gpg_authentication "--import-ownertrust"
# translate the private key to ssh format, and export to a file
diff --git a/src/monkeysphere-ssh-proxycommand b/src/monkeysphere-ssh-proxycommand
index cc81020..a7b87ca 100755
--- a/src/monkeysphere-ssh-proxycommand
+++ b/src/monkeysphere-ssh-proxycommand
@@ -14,10 +14,6 @@
# ProxyCommand monkeysphere-ssh-proxycommand %h %p
########################################################################
-SHARE=${MONKEYSPHERE_SHARE:-"/usr/share/monkeysphere"}
-. "${SHARE}/common" || exit 1
-
-########################################################################
usage() {
cat <<EOF >&2
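Review bot: the proxy command stops sourcing `${SHARE}/common` (and drops MS_HOME in the next hunk), so it can no longer call helpers such as `log` or `failure` from that file. Nothing in the hunks shown does, but the whole script should be checked, because an undefined function inside a ProxyCommand surfaces only as a cryptic connection failure. A short comment stating that the script is now standalone and defers to `monkeysphere` for anything that needs common would help the next reader.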
@@ -38,8 +34,6 @@ fi
HOST="$1"
PORT="$2"
-MS_HOME=${MS_HOME:-"${HOME}/.config/monkeysphere"}
-
if [ -z "$HOST" ] ; then
echo "Host not specified." >&2
usage
@@ -57,6 +51,12 @@ else
fi
URI="ssh://${HOSTP}"
+# specify keyserver checking. the behavior of this proxy command is
+# intentionally different than that of running monkeyesphere normally,
+# and keyserver checking is intentionally done under certain
+# circumstances. This can be overridden by setting the
+# MONKEYSPHERE_CHECK_KEYSERVER environment variable.
+
# if the host is in the gpg keyring...
if gpg --list-key ="${URI}" 2>&1 >/dev/null ; then
# do not check the keyserver
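Review bot: typo in the new comment, "monkeyesphere"; and "keyserver checking is intentionally done under certain circumstances" restates the heading without saying which circumstances, while the rules are spelled out in the KEYSERVER CHECKING section of the man page in this same diff, so either summarise them here or point at monkeysphere-ssh-proxycommand(1). Separately, the line just below the comment, `gpg --list-key ="${URI}" 2>&1 >/dev/null`, sends gpg's stderr to stdout and only stdout to /dev/null; in a ProxyCommand, stdout is the SSH transport, so any gpg warning would be injected into the connection stream. The intended form is `>/dev/null 2>&1`.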
@@ -81,7 +81,7 @@ else
CHECK_KEYSERVER="true"
fi
fi
-
+# set and export the variable for use by monkeysphere
MONKEYSPHERE_CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:="$CHECK_KEYSERVER"}
export MONKEYSPHERE_CHECK_KEYSERVER
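Review bot: `${MONKEYSPHERE_CHECK_KEYSERVER:="$CHECK_KEYSERVER"}` already assigns the default as a side effect, so wrapping it in `MONKEYSPHERE_CHECK_KEYSERVER=...` assigns twice; `${MONKEYSPHERE_CHECK_KEYSERVER:-"$CHECK_KEYSERVER"}` is the form that matches the outer assignment. The added comment is helpful; it could also say that a MONKEYSPHERE_CHECK_KEYSERVER already present in the environment wins over the computed policy, which is exactly the override the man page promises.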
diff --git a/website/archive-key.mdwn b/website/archive-key.mdwn
index 898c7e5..45ac86e 100644
--- a/website/archive-key.mdwn
+++ b/website/archive-key.mdwn
@@ -1,5 +1,4 @@
[[meta title="Monkeysphere archive signing key"]]
-[[!template id="nav"]]
[[toc ]]
## Verifying the key ##
@@ -70,8 +69,21 @@ ly087Guvw8G8TdQcubteFYQDIxIc2atZkjEn3oCjtZgk8mdDlCjLQYgHV1/o+eWd
S31RCBx16I7tJya0fwJJRC7qZWf7hrPdi7eqcecqyr26X5upV+Irjv5qYu/6HAGb
59W6n+8KTfMxEMaBQI6qZXxhaBr3HzEaSrz7jtkl+xxym2TGkbarXcm7e7MP66Hu
GD5UCC3svhAAxKXf4K/8v7WhwBpekF9mXtgpq72Du2JG9q+OAWhxzZXbZku+RY7T
-a83wKc1TaPvzK2WZlhNGjcCYSUXcfQOSn5noVTUukW3DNEKP5BmwkvVd
-=Xex0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+=bJWl
-----END PGP PUBLIC KEY BLOCK-----
</pre>
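Review bot: this hunk replaces the tail of the archive signing key block (the last data line and the armor checksum), i.e. the published key material changed, but nothing on the page says why (new subkey, extended expiry, replaced key). People verifying the apt archive compare this key out of band, so the page or the accompanying news item should state what changed and how to confirm it, for instance by printing the key's fingerprint next to the block.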
@@ -94,17 +106,17 @@ tag `$TAG` on architecture `$ARCH`, do:
git clone git://git.monkeysphere.info/monkeysphere
cd monkeysphere
- git tag -v $TAG
- git checkout $TAG
+ git tag -v "$TAG"
+ git checkout "$TAG"
debuild -uc -us
cd repo
- reprepro -C monkeysphere include experimental ../$TAG_$ARCH.changes
+ reprepro -C monkeysphere include experimental "../$TAG_$ARCH.changes"
When you get a binary package built from a separate architecture
`$NEWARCH` that you want to include with the archive, do:
cd repo
- reprepro -C monkeysphere includedeb experimental ../$TAG_$NEWARCH.deb
+ reprepro -C monkeysphere includedeb experimental "../$TAG_$NEWARCH.deb"
To publish the archive, make sure you have access to
`archivemaster@george.riseup.net`, and then do:
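Review bot: the quoting fix leaves a pre-existing bug in place: inside `"../$TAG_$ARCH.changes"` the shell parses `$TAG_` as a variable named TAG_ (underscore is a valid name character), so the expression expands to `../<value of ARCH>.changes` with the tag dropped; the same applies to `"../$TAG_$NEWARCH.deb"`. Write `"../${TAG}_${ARCH}.changes"` and `"../${TAG}_${NEWARCH}.deb"`. The `"$TAG"` quoting on the git lines is fine.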
diff --git a/website/bugs.mdwn b/website/bugs.mdwn
index 06a4d3a..30bccd1 100644
--- a/website/bugs.mdwn
+++ b/website/bugs.mdwn
@@ -1,5 +1,4 @@
-[[!template id="nav"]]
-[[meta title="Bugs"]]
+[[meta title="Open Bugs"]]
This is Monkeysphere's bug list. You can also browse our [completed bugs](done).
If you don't have commit access to the public repo, we'd appreciate
diff --git a/website/bugs/done.mdwn b/website/bugs/done.mdwn
index 282e804..dc331f9 100644
--- a/website/bugs/done.mdwn
+++ b/website/bugs/done.mdwn
@@ -1,4 +1,4 @@
-[[!template id="nav"]]
+[[meta title="Completed Bugs"]]
Recently fixed [[bugs]].
diff --git a/website/bugs/handle-passphrase-locked-secret-keys.mdwn b/website/bugs/handle-passphrase-locked-secret-keys.mdwn
index bc2a64c..b58650e 100644
--- a/website/bugs/handle-passphrase-locked-secret-keys.mdwn
+++ b/website/bugs/handle-passphrase-locked-secret-keys.mdwn
@@ -1,4 +1,4 @@
-[[meta title="MonkeySphere needs to be able to cleanly export passphrase-locked secret keys from the GPG keyring"]]
+[[meta title="MonkeySphere can't deal with passphrase-locked primary keys"]]
At the moment, the only tool we have to export passphrase-locked
secret keys from the GPG keyring is `gpg` itself (and `gpg2`, which
@@ -100,6 +100,18 @@ Other alternatives?
Can this bug be closed? dkg [reported in a comment for a related
bug](/bugs/install-seckey2sshagent-in-usr-bin/):
- Version 0.11-1 now has the monkeysphere subkey-to-ssh-agent
- subcommand, which works cleanly in the presence of a
- functionally-patched GnuTLS.
+ Version 0.11-1 now has the monkeysphere subkey-to-ssh-agent
+ subcommand, which works cleanly in the presence of a
+ functionally-patched GnuTLS.
+
+--------
+
+Even with the patched GnuTLS, monkeysphere currently can't currently
+deal with passphrase-locked primary keys. I've changed the title of
+this bug, but i'd like to keep it open until we are able to deal with
+that. The other comments here seem still quite relevant to that
+need.
+
+I've changed the title of this bug to reflect the narrowed scope.
+
+ --dkg
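Review bot: the new comment repeats itself: "currently can't currently deal" has a doubled "currently", and the sentence about renaming the bug appears twice ("I've changed the title of this bug, but i'd like to keep it open ..." and again "I've changed the title of this bug to reflect the narrowed scope."). Keep one of the two.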
diff --git a/website/bugs/monkeysphere-ssh-proxycommand-quiet-option.mdwn b/website/bugs/monkeysphere-ssh-proxycommand-quiet-option.mdwn
index 4070d0a..b814d35 100644
--- a/website/bugs/monkeysphere-ssh-proxycommand-quiet-option.mdwn
+++ b/website/bugs/monkeysphere-ssh-proxycommand-quiet-option.mdwn
@@ -245,3 +245,7 @@ I'll leave the bug open for a bit until it get more tested and 0.12
gets pushed out.
-- BJ
+
+---
+
+I think this is [[/bugs/done]] as of version 0.12-1.
diff --git a/website/bugs/setup-test-server-for-public.mdwn b/website/bugs/setup-test-server-for-public.mdwn
index c926dc6..5b05759 100644
--- a/website/bugs/setup-test-server-for-public.mdwn
+++ b/website/bugs/setup-test-server-for-public.mdwn
@@ -75,3 +75,10 @@ and I'm not really willing to maintain it myself, but if someone else
wants to handle that, that would be fine with me.
-- jgr
+
+---
+
+i'm not really willing to maintain anything extra either, so i'm
+closing this ticket as [[bugs/done]].
+
+--dkg
diff --git a/website/community.mdwn b/website/community.mdwn
index b06637b..79e6da7 100644
--- a/website/community.mdwn
+++ b/website/community.mdwn
@@ -1,5 +1,3 @@
-[[!template id="nav"]]
-
[[meta title="Community"]]
## Mailing list ##
@@ -41,10 +39,11 @@ offering:
Micah Anderson:
git clone git://labs.riseup.net/~micah/monkeysphere
-
## Contact ##
Please feel free to contact any of the Monkeysphere developers or post
to the mailing list with questions, comments, bug reports, requests,
-etc.
+etc. If you contact a developer individually, please indicate if
+there is any part of your note that can be made public (we might want
+to post it to the web here).
diff --git a/website/doc.mdwn b/website/doc.mdwn
index 634afd9..997c34d 100644
--- a/website/doc.mdwn
+++ b/website/doc.mdwn
@@ -1,4 +1,3 @@
-[[!template id="nav"]]
[[meta title="Documentation"]]
## Dependencies ##
diff --git a/website/download.mdwn b/website/download.mdwn
index ad14bce..cc83adf 100644
--- a/website/download.mdwn
+++ b/website/download.mdwn
@@ -1,4 +1,4 @@
-[[!template id="nav"]]
+[[meta title="Download"]]
## Downloading and Installing ##
@@ -6,7 +6,7 @@ If you are running a Debian system, you can install Monkeysphere
by following these directions:
You can add this repo to your system by putting the following lines in
-/etc/apt/sources.list.d/monkeysphere.list:
+`/etc/apt/sources.list.d/monkeysphere.list`:
deb http://archive.monkeysphere.info/debian experimental monkeysphere
deb-src http://archive.monkeysphere.info/debian experimental monkeysphere
diff --git a/website/index.mdwn b/website/index.mdwn
index 5b757fa..a7d074e 100644
--- a/website/index.mdwn
+++ b/website/index.mdwn
@@ -1,17 +1,18 @@
-[[!template id="nav"]]
+The Monkeysphere project's goal is to extend OpenPGP's web of trust to
+new areas of the Internet to help us securely identify each other
+while we work online.
-The Monkeysphere project's goal is to extend the web of trust model
-and other features of OpenPGP to other areas of the Internet to help
-us securely identify each other while we work online.
+Specifically, monkeysphere currently offers a framework to leverage
+the OpenPGP web of trust for OpenSSH authentication.
-Specifically, monkeysphere is a framework to leverage the OpenPGP web
-of trust for OpenSSH authentication. In other words, it allows you to
-use your OpenPGP keys when using secure shell to both identify
-yourself and the servers you administer or connect to. OpenPGP keys
-are tracked via GnuPG, and managed in the `known_hosts` and
-`authorized_keys` files used by OpenSSH for connection authentication.
+In other words, it allows you to use secure shell as you normally do,
+but to identify yourself and the servers you administer or connect to
+with your OpenPGP keys. OpenPGP keys are tracked via GnuPG, and
+monkeysphere manages the `known_hosts` and `authorized_keys` files
+used by OpenSSH for authentication, checking them for cryptographic
+validity.
-## Conceptual overview ##
+## Overview ##
Everyone who has used secure shell is familiar with the prompt given
the first time you log in to a new server, asking if you want to trust
@@ -50,8 +51,6 @@ invites broader participation in the
[OpenPGP](http://en.wikipedia.org/wiki/Openpgp) [web of
trust](http://en.wikipedia.org/wiki/Web_of_trust).
-## Technical details ##
-
Under the Monkeysphere, both parties to an OpenSSH connection (client
and server) explicitly designate who they trust to certify the
identity of the other party. These trust designations are explicitly
@@ -62,51 +61,10 @@ No modification is made to the SSH protocol on the wire (it continues
to use raw RSA public keys), and no modification is needed to the
OpenSSH software.
-To emphasize: *no modifications to SSH are required to use the
-Monkeysphere*. OpenSSH can be used as is; completely unpatched and
+To emphasize: ***no modifications to SSH are required to use the
+Monkeysphere***. OpenSSH can be used as is; completely unpatched and
"out of the box".
-## Philosophy ##
-
-Humans (and
-[monkeys](http://www.scottmccloud.com/comics/mi/mi-17/mi-17.html))
-have the innate capacity to keep track of the identities of only a
-finite number of people. After our social sphere exceeds several dozen
-or several hundred (depending on the individual), our ability to
-remember and distinguish people begins to break down. In other words,
-at a certain point, we can't know for sure that the person we ran into
-in the produce aisle really is the same person who we met at the party
-last week.
-
-For most of us, this limitation has not posed much of a problem in our
-daily, off-line lives. With the Internet, however, we have an ability
-to interact with vastly larger numbers of people than we had
-before. In addition, on the Internet we lose many of our tricks for
-remembering and identifying people (physical characteristics, sound of
-the voice, etc.).
-
-Fortunately, with online communications we have easy access to tools
-that can help us navigate these problems.
-[OpenPGP](http://en.wikipedia.org/wiki/Openpgp) (a cryptographic
-protocol commonly used for sending signed and encrypted email
-messages) is one such tool. In its simplest form, it allows us to
-sign our communication in such a way that the recipient can verify the
-sender.
-
-OpenPGP goes beyond this simple use to implement a feature known as
-the [web of trust](http://en.wikipedia.org/wiki/Web_of_trust). The web
-of trust allows people who have never met in person to communicate
-with a reasonable degree of certainty that they are who they say they
-are. It works like this: Person A trusts Person B. Person B verifies
-Person C's identity. Then, Person A can verify Person C's identity
-because of their trust of Person B.
-
-The Monkeyshpere's broader goals are to extend the use of OpenPGP from
-email communications to other activities, such as:
-
- * conclusively identifying the remote server in a remote login session
- * granting access to servers to people we've never directly met
-
## Links ##
* [OpenSSH](http://openssh.com/)
diff --git a/website/local.css b/website/local.css
index b9d7287..69defae 100644
--- a/website/local.css
+++ b/website/local.css
@@ -1,29 +1,28 @@
h2 {
--moz-border-radius-topleft:4px;
--moz-border-radius-topright:4px;
-background-color:#B67B4E;
-color:black;
-display:block;
-font-weight:bold;
-padding:0 0 0 10px;
+ -moz-border-radius: 4px;
+ background-color: #B67B4E;
+ color: black;
+ display: block;
+ font-weight: bold;
+ padding: 0 0 0 10px;
}
body {
-color:#3F403F;
-font-family:"Liberation Sans",sans-serif;
-font-size:0.95em;
+ color: #3F403F;
+ font-family: "Liberation Sans",sans-serif;
+ font-size: 0.95em;
}
*|*:visited
-color:#f6a464;
+ color: #f6a464;
}
*|*:-moz-any-link {
-text-decoration:none;
+ text-decoration: none;
}
:-moz-any-link {
-cursor:pointer;
+ cursor: pointer;
}
a:link {
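Review bot: the unchanged context line `*|*:visited` has no opening `{`, so the `color: #f6a464;` declaration that this hunk reindents belongs to no rule and the closing `}` below it is unmatched; what the browser drops during error recovery is parser-dependent and may include the following `*|*:-moz-any-link` rule. Since the hunk already touches these lines, fix it here with `*|*:visited {`. Also, replacing `-moz-border-radius-topleft`/`-moz-border-radius-topright` with the shorthand `-moz-border-radius: 4px;` rounds all four corners of `h2` rather than the top two; confirm that is intended and not a side effect of the tidy-up.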
@@ -40,23 +39,23 @@ a:hover {
}
pre {
- background: #ddd;
- border: 1px solid #aaa;
- padding: 3px 3px 3px 3px;
- margin-left: 2em;
+ background: #ddd;
+ border: 1px solid #aaa;
+ padding: 3px 3px 3px 3px;
+ margin-left: 2em;
}
table.sitenav {
- border-bottom: 2px solid black;
- padding: 0px;
- width: 100%;
- font-size: larger;
+ border-bottom: 2px solid black;
+ padding: 0px;
+ width: 100%;
+ font-size: larger;
}
table.sitenav img.logo {
- margin: 0px;
- padding: 0px;
- vertical-align: bottom;
+ margin: 0px;
+ padding: 0px;
+ vertical-align: bottom;
}
table.sitenav a {
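Review bot: this hunk is whitespace-only (the `pre`, `table.sitenav` and `table.sitenav img.logo` bodies change indentation and nothing else). Mixing a reindent into a commit that also changes rendering (the `display: none` additions in the next hunk) makes the functional change harder to review and to bisect; split the reindent into its own commit. While touching `pre`, `padding: 3px 3px 3px 3px;` can simply be `padding: 3px;`.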
@@ -71,9 +70,20 @@ table.sitenav span.selflink {
}
div.header {
- text-align: right;
+ text-align: right;
+ display: none;
}
div.actions {
- text-align: right;
+ text-align: right;
+ display: none;
+}
+
+#sidebar {
+ line-height: normal;
+ width: 100%;
+ float: none;
+ margin: 0;
+ padding: 0;
}
+
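Review bot: `display: none` on `div.header` and `div.actions` only hides ikiwiki's header and action links (Edit, RecentChanges, Preferences and so on) from view; the links remain in the generated HTML and whatever they point at still answers, so if the intent is to keep visitors from editing on the mirrors, disable those features in ikiwiki's setup file rather than in the stylesheet, and if the intent is purely cosmetic, say so in the commit message. The new `#sidebar` block deserves a one-line comment on why it overrides ikiwiki's default sidebar layout (`float: none; width: 100%`), and the final `+` line adds a stray trailing blank line to the file.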
diff --git a/website/mirrors.mdwn b/website/mirrors.mdwn
new file mode 100644
index 0000000..feee9bd
--- /dev/null
+++ b/website/mirrors.mdwn
@@ -0,0 +1,81 @@
+[[meta title="Mirroring the web site"]]
+
+In keeping with the philosophy of distributed development, our web site is
+stored in our git repositories and converted into html by
+[ikiwiki](http://ikiwiki.info/).
+
+We're mirrored on several servers. Rather than using ikiwiki's [pinger/pingee
+approach to distribution](http://ikiwiki.info/tips/distributed_wikis/), we've
+opted for a method that uses ssh.
+
+The steps for creating a new mirror are:
+
+## Steps to take on the mirror server ##
+
+Add etch-backports to your /etc/apt/sources.list:
+
+ deb http://www.backports.org/debian etch-backports main contrib non-free
+
+Add the following lines to your /etc/apt/preferences file:
+
+ Package: ikiwiki
+ Pin: release a=etch-backports
+ Pin-Priority: 999
+
+ # needed by ikiwiki
+ Package: libcgi-formbuilder-perl
+ Pin: release a=etch-backports
+ Pin-Priority: 999
+
+ Package: git-core
+ Pin: release a=etch-backports
+ Pin-Priority: 999
+
+Install git-core and ikiwiki
+
+ aptitude update; aptitutde install git-core ikiwiki
+
+Create a new user. Change the new users shell to git-shell:
+
+ adduser -s /usr/bin/git-shell <username>
+
+Add webmaster@george's public key to this user's ~/.ssh/authorized_keys file
+
+Add web site configuration that the user has write access to. If you are using Apache, include the following rewrite:
+
+ RewriteEngine On
+ RewriteCond %{HTTP_HOST} !^(YOURHOSTNAME|web)\.monkeysphere\.info$ [NC]
+ RewriteCond %{HTTP_HOST} !^$
+ RewriteRule ^/(.*) http://web.monkeysphere.info/$1 [L,R]
+
+Upload and edit ikiwiki.setup.sample from the docs directory
+
+As the new user, create two new git repos
+
+ mkdir monkeysphere.git; cd monkeysphere.git; git init --bare; cd ../
+ git clone monkeysphere.git # this will create a second git repo called monkeysphere
+
+Change the mode of monkeysphere.git/hooks/post-receive to 755
+
+ chmod 755 monkesphere.git/hooks/post-receive
+
+Edit the file so that it executes the post-receive hook ikiwiki generates (as
+you specified in the ikiwiki.setup file)
+
+## Admin steps to take to enable the configuration ##
+
+Add a new dns record for SERVERNAME.monkeysphere.info.
+
+Test the ssh connection by logging in as webmaster@george.riseup.net
+
+Add the new server as a remote on webmaster@george.riseup.net:monkeysphere.git
+
+ cd ~/monkeysphere.git
+ git add remote SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo
+
+Test:
+
+ git push SERVERNAME
+
+
+
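Review bot: `git add remote SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo` under "Add the new server as a remote" is not a git command and will fail; it should be `git remote add SERVERNAME USER@SERVERNAME.monkeysphere.info:/path/to/repo`. Two more typos will break copy-and-paste: `aptitutde install git-core ikiwiki` should read `aptitude install`, and `chmod 755 monkesphere.git/hooks/post-receive` should name `monkeysphere.git`. On the access-control side, the page tells a mirror operator to put `webmaster@george`'s public key into the git-shell user's `~/.ssh/authorized_keys` but not how to verify that key, and every push from that account runs the mirror's `post-receive` hook; state where the authoritative key or its fingerprint is published, and recommend restricting the `authorized_keys` entry with the usual OpenSSH options (`command=`, `no-port-forwarding`, `no-pty`) to what a git push needs.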
diff --git a/website/news.mdwn b/website/news.mdwn
index 7380eff..359e02b 100644
--- a/website/news.mdwn
+++ b/website/news.mdwn
@@ -1,4 +1,3 @@
-[[!template id="nav"]]
[[meta title="News"]]
Here are the latest announcements about the Monkeysphere.
diff --git a/website/news/apt-repo-moved.mdwn b/website/news/apt-repo-moved.mdwn
index 8f0bf81..501cc23 100644
--- a/website/news/apt-repo-moved.mdwn
+++ b/website/news/apt-repo-moved.mdwn
@@ -5,4 +5,11 @@ The monkeysphere APT repository has been moved from
`http://archive.monkeysphere.info/debian`. You'll probably want to
update your `sources.list` to match the [official lines](/download).
+The monkeysphere APT repository is also using [a new archive signing
+key](/archive-key):
+
+ pub 4096R/EB8AF314 2008-09-02 [expires: 2009-09-02]
+ Key fingerprint = 2E8D D26C 53F1 197D DF40 3E61 18E6 67F1 EB8A F314
+ uid [ full ] Monkeysphere Archive Signing Key (http://archive.monkeysphere.info/debian)
+
Apologies for any confusion or hassle this causes!
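Review bot: the `uid [ full ]` marker in the pasted listing is the validity that the author's own keyring computed for this key, not a property of the key itself, so readers who import it will see a different value (typically unknown) and may conclude they have the wrong key. Trim the listing to the `pub` line and the `Key fingerprint` line, which are what readers should compare. Since the key carries `[expires: 2009-09-02]`, the linked /archive-key page should also say how users will be told about renewals.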
diff --git a/website/news/release-0.12-1.mdwn b/website/news/release-0.12-1.mdwn
new file mode 100644
index 0000000..ed1ecbb
--- /dev/null
+++ b/website/news/release-0.12-1.mdwn
@@ -0,0 +1,9 @@
+[[meta title="MonkeySphere 0.12-1 released!"]]
+
+# MonkeySphere 0.12-1 released! #
+
+MonkeySphere 0.12-1 has been released. This release includes
+documentation updates, and a re-organized logging subsystem with
+various levels of verbosity, modeled after LogLevel in OpenSSH.
+
+[[download]] it now!
diff --git a/website/templates/nav.mdwn b/website/sidebar.mdwn
index 33ab8ce..33ab8ce 100644
--- a/website/templates/nav.mdwn
+++ b/website/sidebar.mdwn
diff --git a/website/similar.mdwn b/website/similar.mdwn
index ae3f728..271d5ea 100644
--- a/website/similar.mdwn
+++ b/website/similar.mdwn
@@ -1,4 +1,3 @@
-[[!template id="nav"]]
[[meta title="Similar Projects"]]
The monkeysphere isn't the only project intending to implement a PKI
diff --git a/website/trust-models.mdwn b/website/trust-models.mdwn
new file mode 100644
index 0000000..60aa680
--- /dev/null
+++ b/website/trust-models.mdwn
@@ -0,0 +1,21 @@
+[[meta title
+You can see your trust database parameters like this:
+
+ gpg --with-colons --list-key bogusgarbagehere 2>/dev/null | head -n1
+
+for me, it looks like this:
+
+ tru::1:1220401097:1220465006:3:1:5
+
+These colon-delimited records say (in order):
+
+ * `tru`: this is a trust database record
+ * `<empty>`: the trust database is not stale (might be 'o' for old, or 't' for "built with different trust model and not yet updated")
+ * `1`: uses new "PGP" trust model: this is just the old trust model plus trust signatures. I'll go into trust signatures later.
+ * `1220401097`: seconds since the epoch that i created the trust db.
+ * `1220465006`: seconds after the epoch that the trustdb will need to be rechecked (usually due to the closest pending expiration, etc)
+ * `3`: Either 3 certifications from keys with marginal ownertrust are needed for full User ID+Key validity
+ * `1`: Or 1 certification from a key with full ownertrust is needed for full User ID+Key validity
+ * `5`: max_cert_depth (not sure exactly how this is used)
+
+
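Review bot: the first line `[[meta title` is an unterminated ikiwiki directive (no title string, no closing `]]`), so the page will either show the literal text or fail to build; complete it in the form used elsewhere on the site, `[[meta title="..."]]`, with a real title. The `gpg --with-colons --list-key bogusgarbagehere` trick depends on gpg emitting the `tru` record even when no key matches the argument, which the text should say explicitly so readers do not think the output is an error. "I'll go into trust signatures later" points at text that is not in the file, and the two trailing `+` lines add blank lines at end of file.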
diff --git a/website/why.mdwn b/website/why.mdwn
index 5dc0e05..3366439 100644
--- a/website/why.mdwn
+++ b/website/why.mdwn
@@ -1,5 +1,3 @@
-[[!template id="nav"]]
-
[[meta title="Why should you be interested in the MonkeySphere?"]]
[[toc ]]
@@ -33,7 +31,7 @@ ever connected to?
[Get started with the monkeysphere as a user!](/getting-started-user)
-## As an system administrator ##
+## As a system administrator ##
As a system administrator, have you ever tried to re-key an SSH
server? How did you communicate the key change to your users? How
@@ -137,3 +135,43 @@ than the current infrastructure allows, and is more meaningful to
actual humans using these tools than some message like "Certified by
GloboTrust".
+## Philosophy ##
+
+Humans (and
+[monkeys](http://www.scottmccloud.com/comics/mi/mi-17/mi-17.html))
+have the innate capacity to keep track of the identities of only a
+finite number of people. After our social sphere exceeds several dozen
+or several hundred (depending on the individual), our ability to
+remember and distinguish people begins to break down. In other words,
+at a certain point, we can't know for sure that the person we ran into
+in the produce aisle really is the same person who we met at the party
+last week.
+
+For most of us, this limitation has not posed much of a problem in our
+daily, off-line lives. With the Internet, however, we have an ability
+to interact with vastly larger numbers of people than we had
+before. In addition, on the Internet we lose many of our tricks for
+remembering and identifying people (physical characteristics, sound of
+the voice, etc.).
+
+Fortunately, with online communications we have easy access to tools
+that can help us navigate these problems.
+[OpenPGP](http://en.wikipedia.org/wiki/Openpgp) (a cryptographic
+protocol commonly used for sending signed and encrypted email
+messages) is one such tool. In its simplest form, it allows us to
+sign our communication in such a way that the recipient can verify the
+sender.
+
+OpenPGP goes beyond this simple use to implement a feature known as
+the [web of trust](http://en.wikipedia.org/wiki/Web_of_trust). The web
+of trust allows people who have never met in person to communicate
+with a reasonable degree of certainty that they are who they say they
+are. It works like this: Person A trusts Person B. Person B verifies
+Person C's identity. Then, Person A can verify Person C's identity
+because of their trust of Person B.
+
+The Monkeyshpere's broader goals are to extend the use of OpenPGP from
+email communications to other activities, such as:
+
+ * conclusively identifying the remote server in a remote login session
+ * granting access to servers to people we've never directly met
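Review bot: "The Monkeyshpere's broader goals" is a typo for "Monkeysphere's", carried over verbatim from the text this commit removes from index.mdwn; fix it in the move rather than propagating it. The web-of-trust sketch ("Person A trusts Person B. Person B verifies Person C's identity. Then, Person A can verify Person C's identity") is fine as a first approximation, but it conflates the two things the new trust-models.mdwn in this same commit separates (ownertrust assigned to B versus the validity A computes for C's key from B's certification); one clause noting that A must have marked B as a trusted certifier, not merely hold B's key, would keep the two pages consistent.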