Trust and Internet Identity Meeting Europe
2013 - 2020: Workshops and Unconference

TIIME 2015 Session 32: Rebooting the Web of Trust

Convener: Markus Sabadello

Abstract: We discussed a recent event called "Rebooting the Web of Trust", which explored modern technologies (crypto, blockchain, self-sovereign identity). The ambitious goal of the event was to come up with better alternatives to traditional PGP, TLS, name registration, and other Internet services. One of the key projects is to create a blockchain-based registry for permanent identifiers that anyone can use without intermediaries. The community will publish a set of white papers and hold additional events in 2016.

Tags: Trust, Crypto, Architecture



Blockchain-based registry for identifiers → public keys (DPKI)

Instead of rent + buy a domain name: new model of handling identifiers

Talk about an event in San Francisco, couple of weeks ago


  • PGP 25th anniversary. A lot of people are not using this and cryptology in general
  • X.509 model - problems: trust hierarchy in certificates.
  • SSL - problematic X.509 CA model
  • Naming: email addresses, you never really own a name. You can only rent a domain name, not buy it.

New layer, new architecture that can fix these problems

Some of the people who attended the event in SF: Christopher Allen, Jon Callas (one of the creators of PGP), Bitcoin-involved people, Juan Benet. Working on advanced, cutting-edge crypto-protocols.

Idea: come up with ideas as individuals. Own our own identity.

Technologies that are being discussed (SAML, trust frameworks + federations) - you never own something, you're only ever part of a federation (there's authorisation manager, etc.)

In PGP: you create your own private key without a SP

You get started by yourself. Don’t have to pay for an account. PGP, SSL etc. try to do it better

Event: all participants submitted papers about what they're interested in: folder of these papers.

Some are pretty advanced: signatures, mark signatures, distributed file systems, semantic web technologies, trust models etc.

Might be interesting to create a new kind of way to do what we currently do with PGP

Security can be combined

User-centric identity is quite common but: self-sovereign identity - new expression people come up with. You don't need anyone else to get started. You can participate in a system without signing up.

  • Johan: how can they communicate with you? What about the key?

Ongoing process. There’ll be an outcome. One of the documents (DPKI - decentralised public key infrastructure): method for registering your key with an identifier in a block-chain

  • Rik: how to ensure there aren't collisions?
  • Johan: even though you got a public key, (...)
  • Aud 2: combination is the trick.

What exactly is it that you put into a block-chain?

One approach: first come, first served. Public key → then it's your identifier. Someone else can't come after you. You can always write it into a block-chain even though another one already has done it.

You got identifier, you don’t have to manually change

  • Johan: if I create a public key. How do they know I’m attached to the public key.

I can tell you my identifier is 'Markus', or a Twitter user name.

Is anyone familiar with Zooko's Triangle?

Having names like twitter user names in a way that is not controlled by a single authority. Doesn’t enable block-chains.

Not saying that you can’t have all of these properties, it’s just not very likely:

Desirable attributes for identifiers (usernames, domain names, IP, ...)

  • Human readable
  • globally unique
  • decentralised

Pseudonyms are just local.

Maybe we don't want global identifiers. Maybe I just need local identifiers for my friends. You got a name, so I know it’s you. You can link them.

For example:

(Addresses the audience) you're Johan and you're Rik.

Human readable name: Rik who is known by Johan. Mechanism.

  • Aud: what if Rik doesn't want him to know him? (ha, ha)
  • Rik: limitations + scalability problem: solution?

There’s articles on that. e.g., how secure are block chains?

Extract from paper: "can be vulnerable if you look at the number of nodes that are mining. Whatever is the smallest number, is the vulnerability of the block chain" if you can compromise any of these, you can compromise the block chain. Recommendation in the paper: use multiple block chains. Supposedly decentralised - you register your identifier etc.

But err...what was the question?

  • Rik: There’s the public block chain. Do you have other distributed proof of trust? Different communities operating different proof
  • Public block chain can scale.

Objective of the event in San Francisco: do we create permanent identities? How to eliminate identities? How do you take yourself out of the circulation if you're dead?

  • Aud 3: what if somebody deletes the block chain? -- They’ll have to delete a whole lot.
  • Johan: Namecoin. But THIS is more generic. You can put things in multiple block chains.

Registration doesn’t expire. What happens when you die? You can encode these rules in the block chain thing. When you create such a registry, then you can just agree on these rules and say that it's in the consensus.

There’s a project that experiments with that, it's called 'blockstore', created by a company that is called “onename” on the Bitcoin block chain. Putting things on the block chain: approach that you store most of your data outside the block chain. This project is trying to create the higher level component (higher semantics etc.) via Bitcoin. You can register a name but you have to renew it every couple of years.

  • Rik: do you still own it? Or do you have to pay?

You have to pay your Bitcoin payment, other than that no fee.

'Registration is always done directly by the principal'. Registration services that work on behalf of services are prohibited -> you use your own server/machine, like with JavaScript. Use Bitcoin in your browser and then put it into the blockchain. Cannot technically be prevented.

  • Aud 3: are there reliable Javascript implementations?

Testing tool for trying repairing your keys. (Registry playground for BIP32, BIP39,...)

Idea: creating some kind of object that you put on the block chain. That’s where you have your public key. You can generate it yourself, then register it.

Demo BIP32: interesting ideas from the Bitcoin community. Bitcoin improvement proposal.

BIP39: creating a key pair from a phrase (number of words). Not a new idea, but you can create a random sequence of words and then create your key pair from it. Either you download your private key, or you remember your key, or you print your QR code. This makes it easier not to lose your private key.

BIP32: about hierarchical deterministic keys. Start with a master key pair, derive child keys from it (and grandchildren keys from those). You can start generating new key pairs without registering new stuff on the block chain.

  • Johan: can you use the key for a one-time-usage? Give my key to you for a limited time
  • Aud: it's a time constraint, not use constraint

You also say what data can be used.

Example: I send you 0.5 Bitcoins, in my wallet: not a lot of keys. You just have to create one key, can create child key pairs too. From this perspective, it's a different key that is used.

Every friend I have: I can just use a derived child key.

HD key - but a bit off-topic.
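
The phrase-to-seed step (BIP39) and the master-to-child step (BIP32) described above, as an added example that is not part of the original notes. It narrows BIP32 to hardened private-key derivation, which needs only HMAC and modular arithmetic; the function names, the sample phrase and the one-child-per-friend index scheme are assumptions made for illustration.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group used by Bitcoin (public constant).
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: stretch the phrase into a 64-byte seed (word checksum not verified here)."""
    norm = lambda s: unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", norm(mnemonic),
                               norm("mnemonic" + passphrase), 2048, 64)


def bip32_master(seed: bytes) -> tuple[int, bytes]:
    """BIP32: master private key and chain code from the seed."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(digest[:32], "big")
    if key == 0 or key >= N:
        raise ValueError("invalid master key; use a different seed")
    return key, digest[32:]


def bip32_hardened_child(key: int, chain: bytes, index: int) -> tuple[int, bytes]:
    """BIP32 hardened private derivation: child = (IL + parent) mod N."""
    data = b"\x00" + key.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    digest = hmac.new(chain, data, hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    child = (il + key) % N
    if il >= N or child == 0:
        raise ValueError("invalid child; skip to the next index")
    return child, digest[32:]


def keys_for_friends(mnemonic: str, friends: list[str]) -> dict[str, str]:
    """One hardened child key per friend, all recoverable from the phrase alone."""
    key, chain = bip32_master(bip39_seed(mnemonic))
    return {name: format(bip32_hardened_child(key, chain, i)[0], "064x")
            for i, name in enumerate(friends)}


# Constructed sample: the widely published all-"abandon" test phrase; never use it for real keys.
PHRASE = "abandon " * 11 + "about"

if __name__ == "__main__":
    for name, key_hex in keys_for_friends(PHRASE, ["Johan", "Rik"]).items():
        print(name, key_hex[:16] + "...")
```

Because every child is recomputed from the phrase, backing up the phrase backs up all derived keys, and anyone who obtains the phrase obtains all of them as well.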

Concept of thin clients:

Full node: in a block chain means you run a full server, you're validating all the transactions, you need to be online, you need to have storage etc. Not easy on a smartphone.

If you want to register to a block chain on a smartphone, you can't run a full stack of the block chain. You need a thin client (so you can register things and your reg. is valid).

  • Good idea but got a lot of issues, like moving money.

Same challenge like a Bitcoin wallet. You’re not running a full node, not running a full protocol.

  • Johan: why can’t it be built into the wallet? That’s the place it would fit into.

It’s similar but it’s not about Bitcoin but registering and identifying with a public key.

In the article: what if they lose their phone, backups etc.

Shamir secret sharing: sharing it with people you trust (3 best friends are given parts of my private key). They will have to return it to me if I lose mine.

Instead of splitting up my key and distribute them, I can make my friends create a new one for me (instead of getting back my old one).

  • Aud: I hope your friends don't die or get arrested :-)
  • What if they decide they're not your friend anymore? Hopefully you still got other ones.
  • Rik: combining centralised key chains with the blockchains - that way you'd have comfort in knowing it's professionally administered.

It doesn't have to be friends but a more official thing.

  • Rik: was it a compelling event? What are the next steps?

White papers are going to be published in December.

Something about the articles:

  • Smart signatures. Within a key/signature, you encode these rules. It's about signatures, verification mechanisms.
  • 1 non-technical as well.
  • 1 'Identity 20-20' project: digital identities for the most vulnerable and excluded members of society, e.g. refugees and homeless people. If your government throws away your passport, you only have a smartphone. How can you verify the things that you have done and the person you are? To prove where you stem from and that you deserve refuge. -- a bit shady and not very clear to me. Sounded interesting though. Self-sovereign identity for those who have nothing.
  • 'Detecting keys misuse' – article
  • 'Rebranding web of trust' - protocols etc.

Next year: follow-up event.

June/July 2016: demo

25th birthday of PGP