Skip to main content


Resisting the centralization of network infrastructure Keynote by Mr GnuPG Werner Koch at GUADEC 2016:
Today, the new attempt is, which many users like for its convenience (linking PGP keys to social media accounts). But it fundamentally violates the end-to-end privacy principle of PGP by binding keys to privacy-invading services. Periodically, he said, proposals pop up to implement "validating" PGP keyservers—but none of them work in a decentralized fashion. He urged users to stand up against all attempts to centralize PGP.

Finally, he looked at federation in general. Mail servers have more and more difficulty interoperating, he said, and XMPP has "lost its track" and is being replaced by centralized systems like WhatsApp and Signal. He encouraged developers to make federation a priority and to design for it from the beginning.

Note: If you are not subscribed to LWN, you cannot yet read the article, but it will be open in one week. Be patient, the article is worth it. Or subscribe to LWN, they deserve more subscribers!

#decentralization #federation #gnupg #openpgp #xmpp #signal #keybase #keybaseio
I just got a account. I think i'm going to ditch it though. Something makes me think it's not right for me.