@pete @orionwl that reads like two fallacies to me, #1 that web of trust actually works, #2 that you can make a new standard without some people using it while it's niche? Also Bip322 supports multisig signatures, it's not single key.

**Peter Todd** @pete@petertodd.org · Jan 22, 2021, 08:11

**Peter Todd** @pete@petertodd.org · Jan 22, 2021, 08:11

Jan 22, 2021, 08:11

Peter Todd @pete@petertodd.org

@ajtowns @orionwl Web-of-trust works for it's intended audience: people who are taking the time to actually verify something rather than just relying on their web browsers.

Re: multisig, just sticking a few different signatures on releases manually is fine. Anyone verifying this stuff to that level is verifying it manually anyway. And PGP *does* allow for multiple signatures on one file, even in things like git commits.

**ajtowns** @ajtowns@mastodon.social · Jan 22, 2021, 08:25

**ajtowns** @ajtowns@mastodon.social · Jan 22, 2021, 08:25

Jan 22, 2021, 08:25

ajtowns @ajtowns@mastodon.social

@pete @orionwl manually verifying things doesn't scale, that's why apt and the like verify signatures automatically. You have to trust/verify you got the initial installation right and haven't been compromised since, but automation makes staying up to date easier. Automating gpg is pretty painful, and we have or own signing tools that we have to maintain anyway. but *shrug* - I've done the adding gpg stuff with apt already, don't need to climb that mountain again.

**Peter Todd** @pete@petertodd.org · Jan 22, 2021, 08:30

**Peter Todd** @pete@petertodd.org · Jan 22, 2021, 08:30

Jan 22, 2021, 08:30

Peter Todd @pete@petertodd.org

@ajtowns @orionwl ...apt uses PGP behind the scenes...

Anyway, "doesn't scale" is irrelevant. The actual use-case of PGP is for the experts to verify that high value use-cases are correct. Including that the automated systems are correct.

Don't get fooled by propaganda from academic cryptographers who have every reason to shit on an inherently fuzzy, human, problem that their math credentials can't solve.

**ajtowns** @ajtowns@mastodon.social · Jan 22, 2021, 08:33

**ajtowns** @ajtowns@mastodon.social · Jan 22, 2021, 08:33

Jan 22, 2021, 08:33

ajtowns @ajtowns@mastodon.social

@pete @orionwl yes, I designed that code. And despite using the special front-end for parsing, there's been security bugs as a result.

**Peter Todd** @pete@petertodd.org · Jan 22, 2021, 08:40

**Peter Todd** @pete@petertodd.org · Jan 22, 2021, 08:40

Jan 22, 2021, 08:40

Peter Todd @pete@petertodd.org

@ajtowns @orionwl I know. That's why efforts got put into writing new PGP libraries. Efforts that should have been done literally a decade ago... But of course get held back, because people inexplicably push weird niche stuff that's obviously worse.

**Peter Todd** @pete@petertodd.org · Jan 22, 2021, 08:43

**Peter Todd** @pete@petertodd.org · Jan 22, 2021, 08:43

Jan 22, 2021, 08:43

Peter Todd @pete@petertodd.org

@ajtowns @orionwl Believe me, I'd love to replace OpenPGP with a standard with sane serialization, ditches old crypto, etc.

But if I were to do that, I'd actually make a _replacement_. That means thinking about how to get to the same place re: WoT and key distribution. And that's a _much_ harder problem to solve than the crypto itself.

**Peter Todd** @pete@petertodd.org · 2021-01-22T08:46:34Z

Peter Todd @pete@petertodd.org

@ajtowns @orionwl You know what was _the_ biggest advance in web certificate security?

It wasn't new crypto. It was a stupidly simple merkle mountain range called certificate transparency. It revolutionized the human/political side of the certificate business, by adding some pretty basic auditing. It has literally lead to scammers and bad actors going bankrupt.

_That's_ the kind of thing what a PGP replacement needs to focus on. Not what signature scheme it happens to use.

Jan 22, 2021, 08:46 · · Web · · ·

Resources

Developers

What is Mastodon?

petertodd.org

More…