diff options
Diffstat (limited to 'website')
| -rw-r--r-- | website/community.mdwn | 6 | ||||
| -rw-r--r-- | website/download.mdwn | 40 | ||||
| -rw-r--r-- | website/expansion.mdwn | 49 | ||||
| -rw-r--r-- | website/getting-started-admin.mdwn | 8 | ||||
| -rw-r--r-- | website/local.css | 2 | ||||
| -rw-r--r-- | website/news/release-0.27-1.mdwn | 19 | ||||
| -rw-r--r-- | website/news/release-0.28.mdwn | 15 |
7 files changed, 113 insertions, 26 deletions
diff --git a/website/community.mdwn b/website/community.mdwn index 3ae81c1..492703b 100644 --- a/website/community.mdwn +++ b/website/community.mdwn @@ -38,6 +38,10 @@ the following from inside the monkeysphere top level directory: This command will build an upstream tarball, attach the debian packaging directory, and build a sample deb. +If you want to help extend the scope of the Monkeysphere, take a look +at our +[list of environments that could make use of the project](/expansion). + ### Individual developer repositories ### You might also be interested in the repositories of individual @@ -48,7 +52,7 @@ offering: git clone git://lair.fifthhorseman.net/~dkg/monkeysphere -[Jameson Graef Rollins](http://cmrg.fifthhorseman.net/wiki/jrollins): +[Jameson Rollins](http://cmrg.fifthhorseman.net/wiki/jrollins): git clone git://lair.fifthhorseman.net/~jrollins/monkeysphere diff --git a/website/download.mdwn b/website/download.mdwn index d235294..d41c3a7 100644 --- a/website/download.mdwn +++ b/website/download.mdwn @@ -86,38 +86,38 @@ For those that would like to download the source directly, [the source is available](/community) via [git](http://git.or.cz/). The [latest -tarball](http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_0.26.orig.tar.gz) +tarball](http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_0.28.orig.tar.gz) is also available, and has these checksums: <pre> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -checksums for the monkeysphere 0.26 release: +checksums for the monkeysphere 0.28 release: MD5: -f0e5fe66a9affd951e601ea5d6188972 monkeysphere_0.26.orig.tar.gz +b66f671ec48725a0eb55de7de4d7ce6d monkeysphere_0.28.orig.tar.gz SHA1: -de0125e43c8c7d7d98f45f9395576ff06e150307 monkeysphere_0.26.orig.tar.gz +ead634e0ea0a795e8a96812b7397d318a4be54b0 monkeysphere_0.28.orig.tar.gz SHA256: -e743a0642f0da5d6ecea6cb3c8ff6c05ac56a094c351a7fdca2a4a707fe05c00 monkeysphere_0.26.orig.tar.gz +b463577d36d6e8f5eb698d8e3c75d27bcfb3f928628c128f5d342e8a83bef6f2 monkeysphere_0.28.orig.tar.gz -----BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.9 (GNU/Linux) - -iQIVAwUBSnSzIRjmZ/HrivMUAQqQdw//SZ5OrjB+FFe/+sRyRBv3YcjSO7Iif8uo -ZG8LPbba9v0qUT/pOvMTXij2Wm3dFwgphrNCJgYriHx/0MdvPuHpz+TXRIVFRD7Q -CNHrG9kuf6BFClqyQwqD1/5FMehu8hEWm0DdyEhB5pUcHzo9ExpjFGGImpI/XvZz -/HWL7hCoZvJ8iBKyZ0dNSbDZA8WcWkYVKbc42sYYpqHM4kVjfQq37vUDBgq78d4d -rTDiEF1+4kuwZtKKxJq8woN9+/5atpknFcnICSOobeX1PAOkj96yEAczr39pQNam -3z2YjdQM0tJsGjguYIiYxwUAs38a/p+rX7+PvS5xY85RCLSsgOplnhSLXluXp5fO -7Ok2FFmimxYcNfsKFaJQiOa3OaRW6u15+sxb7KNC+raNVwyw8fsaDe7eKGx/xQI5 -fnvjFHJDM3HwzBSRNcBZNacsMAfq0jaN4BAalv9nzpcynsG+vkNI6mus9eopC9/n -9UwhMRpObndSjNoR/Erbh99jv0mvTeqdG9h9Kjbr38TT5qLWSYRftK7FHglZMmzN -or3lgUs3bTc6bJlWE9YvGlwEduaaEY0us7fW4nPDQhT+OCHCrjCBk1ppA4SzAnE1 -qTUt5Fa7vjLPaefT58qKRXlglUhsbtVabVoeCFKBFvAebm/XS3kPh2P9Qfk6azQ7 -iJM65kCCil0= -=tyHC +Version: GnuPG v1.4.10 (GNU/Linux) + +iQIVAwUBS1YAyBjmZ/HrivMUAQqbBBAAqhnDfDZukFUDEN6Y164o/AXMtBO20KUg +GyrgjgJElQJC2oz9OooNJ60iPSOz/G+Wu5lSMnRqdKU8x50F7ogYE1Gnd+8J3c2G +1ciDQbLrR7pE2jua7xyfA+SQgg3bSgSN/7Jl61+OosQpcI/WnJvOQWKA6TI+iRGC +B4g87ZRSRUAVZoFDRY0lBINP70+riGrYm8b2tgp7FbpgVBtUFL8gsmxnPZ7cGYF2 +yTwg9ZCAlDQ6LIZ7DAwb2lUAtAHtlLfAhulr3qLW2SNc95vcJ7Ss7CjgIuCL8qTe +2zX2fysG7Hgbi0G0GNjv+yomOFlRGWC1Gf3pv0Clmy7cVgIgcP61nE3djFSYa9vk +k7cKtppNEzoleEjz+dMIOezcXCdLO2g+sQfpaYU5acRp95ouCaXYINS8DYDkaKwj +Wjra6BSCbClzZYblOJIlCmK4JJPE4EB8NShL/VXSwV8uvtNniGNpGHeHqaKvbT+Y +RYlCzL+/Ruyv1dQbtiBtErB8yP+psheoQYk6lU7nNy+MTH+R/xXrbHxptSDRQwru +O1hbfONnEK6JfdVQI4zEBuBz8NVuZPPQqqy1mxLSWMxWKz4GtNbTXOR1tRFVqlxk +eCTYdhhyIz7gu8EUwvTLZoqKOB6kQWS1ygycFRi/g+DOOXuSpazF5XmutF6HpJx1 +1nK2WBl5loE= +=164p -----END PGP SIGNATURE----- </pre> diff --git a/website/expansion.mdwn b/website/expansion.mdwn new file mode 100644 index 0000000..13f368a --- /dev/null +++ b/website/expansion.mdwn @@ -0,0 +1,49 @@ +[[meta title="Expanding the Monkeysphere"]] + +# Expanding the Monkeysphere # + +The Monkeysphere currently has implementations that support two +popular protocols in use on the internet today: + + * SSH: Monkeysphere supports the OpenSSH implementation of the Secure + Shell protocol, for authenticating both hosts and users. + + * HTTPS: Monkeysphere supports secure web traffic by allowing users + of Mozilla-based browsers (such as + [Firefox](http://www.mozilla.com/en-US/firefox) or + [Iceweasel](http://wiki.debian.org/Iceweasel)) to authenticate web + sites that are not authenticated by the browser's built-in X.509 + verification. This should work with any HTTPS-capable web server. + +But there are many protocols and implementations on the 'net that +could use the Monkeysphere for key-based authentication but currently +do not. Here are some examples of places we think it could be useful. +If you can help with these (or suggest others), please pitch in! + + * HTTPS client authentication: web servers should be able to + authenticate clients that use asymmetric crypto. That is, the + client holds an RSA secret key, offers a (potentially self-signed) + X.509 Cert to the server as part of the TLS handshake, and the + server verifies the key material and commonName or subjectAltName + in the cert via the OpenPGP web of trust. + + * Other TLS connections: for example, SMTP services using STARTTLS + (server-to-server and client-to-server), IMAP or POP daemons (using + STARTTLS or a direct TLS wrapper), LDAP servers (or LDAPS), XMPP + connections (client-to-server and server-to-server) + + * IRC connections: this could be at the TLS layer, or maybe via some + exchange with the NickServ? + + * [OTR](http://www.cypherpunks.ca/otr) client-to-client handshakes. + + * Integration with + [OpenPGP Certificates for TLS (RFC 5081)](http://tools.ietf.org/html/rfc5081) + -- TLS clients or servers who receive an OpenPGP certificate from + their peer should be able to ask some part of the Monkeysphere + toolchain if the particular certificate is valid for the + connection. + + * [PKINIT](http://tools.ietf.org/html/rfc4556) for + [Kerberos](http://web.mit.edu/Kerberos/) + diff --git a/website/getting-started-admin.mdwn b/website/getting-started-admin.mdwn index aad4251..ab0acc6 100644 --- a/website/getting-started-admin.mdwn +++ b/website/getting-started-admin.mdwn @@ -1,8 +1,8 @@ Monkeysphere Server Administrator README ======================================== - Note: This documentation is for Monkeysphere version 0.23 or later. - If you are running a version prior to 0.23, we recommend that you upgrade. + Note: This documentation is for Monkeysphere version 0.28 or later. + If you are running a version prior to 0.28, we recommend that you upgrade. As the administrator of an SSH server, you can take advantage of the Monkeysphere in two ways: @@ -25,11 +25,11 @@ To begin, you must first import an ssh host key. This assumes that you have the ssh server installed, and that you have generated a host RSA key. Once that has been done, import the key: - # monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key server.example.net + # monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ssh://server.example.net This will generate an OpenPGP certificate for the server. The primary user ID for this certificate will be the ssh service URI for the host, -(eg. `ssh://server.example.net`). Remember that the name you provide +(e.g. `ssh://server.example.net`). Remember that the name you provide here should probably be a fully qualified domain name for the host in order for your users to find it. diff --git a/website/local.css b/website/local.css index b2d86c7..4a2d992 100644 --- a/website/local.css +++ b/website/local.css @@ -5,7 +5,7 @@ Copyright: 2008,2009 Authors: Dan Scott, Daniel Kahn Gillmor <dkg@fifthhorseman.net>, -Jameson Graef Rollins <jrollins@finestructure.net>, +Jameson Rollins <jrollins@finestructure.net>, Jamie McClelland <jm@mayfirst.org> License: This stylesheet is licensed under the GNU GPL, version 3 or diff --git a/website/news/release-0.27-1.mdwn b/website/news/release-0.27-1.mdwn new file mode 100644 index 0000000..7c71ad1 --- /dev/null +++ b/website/news/release-0.27-1.mdwn @@ -0,0 +1,19 @@ +[[meta title="Monkeysphere 0.27-1 released!"]] + +Monkeysphere 0.27-1 has been released. + +Notes from the changelog: + +<pre> + * New upstream release: + - fixed monkeysphere gen-subkey subcommand that was erroneously + creating DSA subkeys due to unannounced change in gpg edit-key UI. + Now tests for gpg version (closes MS #1536) + - add new monkeysphere keys-from-userid subcommand to output all + acceptable keys for a given user ID literal + * updated debian/copyright to match the latest revision of DEP5. + * updated standards version to 3.8.3 (no changes needed) + * add cpio to Build-Depends (used in test suite) (Closes: #562444) +</pre> + +[[Download]] it now! diff --git a/website/news/release-0.28.mdwn b/website/news/release-0.28.mdwn new file mode 100644 index 0000000..a77fc03 --- /dev/null +++ b/website/news/release-0.28.mdwn @@ -0,0 +1,15 @@ +[[meta title="Monkeysphere 0.28 released!"]] + +Monkeysphere 0.28 has been released. + +Notes from the changelog: + +<pre> + * Major rework of monkeysphere-host to handle multiple host keys. We + also no longer assume ssh service keys. monkeysphere-host is now a + general-purpose host service OpenPGP key management UI. + * Rename keys-from-userid command to more accurate keys-for-userid + * separate upstream and debian changelogs +</pre> + +[[Download]] it now! |