Search this site:

Speaking about the OpenPGP WoT on LibrePlanet this Saturday

So, LibrePlanet, the FSF’s conference, is coming!

I much enjoyed attending this conference in person in March 2018. This year I submitted a talk again, and it got accepted — of course, given the conference is still 100% online, I doubt I will be able to go 100% conference-mode (I hope to catch a couple of other talks, but… well, we are all eager to go back to how things were before 2020!)

Anyway, what is my talk about?

My talk is titled Current challenges for the OpenPGP keyserver network. Is there a way forward?. The abstract I submitted follows:

Many free projects use OpenPGP encryption or signatures for various important tasks, like defining membership, authenticating participation, asserting identity over a vote, etc. The Web-of-Trust upon which its operation is based is a model many of us hold dear, allowing for a decentralized way to assign trust to the identity of a given person.

But both the Web-of-Trust model and the software that serves as a basis for the above mentioned uses are at risk due to attacks on the key distribution protocol (not on the software itself!)

With this talk, I will try to bring awareness to this situation, to some possible mitigations, and present some proposals to allow for the decentralized model to continue to thrive towards the future.

I am on the third semester of my PhD, trying to somehow keep a decentralized infrastructure for the OpenPGP Web of Trust viable and usable for the future. While this is still in the early stages of my PhD work (and I still don’t have a solution to present), I will talk about what the main problems are… and will sketch out the path I intend to develop.

What is the relevance? Mainly, I think, that many free software projects use the OpenPGP Web of Trust for their identity definitions… Are we anachronistic? Are we using tools unfit for this century? I don’t think so. I think we are in time to fix the main sore spots for this great example of a decentralized infrastructure.

When is my talk scheduled?

This Saturday, 2022.03.19, at

GMT / UTC time
Conference schedule time (EDT/GMT-4)
Mexico City time (GMT-6)

How to watch it?

The streams are open online. I will be talking in the Saturn room, feel free to just appear there and watch! The FSF asks people to [register for the conference]( beforehand, in order to be able to have an active participation (i.e. ask questions and that). Of course, you might be interested in other talks – take a look at the schedule!

LibrePlanet keeps a video archive of their past conferences, and this talk will be linked from there. Of course, I will link to the recording once it is online.

Update: As of 2022.03.30, LibrePlanet has posted the videos for all of their talks, all linked from the program. And of course, for convenience, I copied the talk over here:

Current challenges for the OpenPGP keyserver network. Is there a way forward?