February 22-24, 2013
Hilton Los Angeles International Airport
A web of trust is essential to establish authenticity among parties within any public key cryptographic system. It provides a decentralized alternative to the certificate authority model employed by centralized public key infrastructure (PKI) systems. The web of trust is fundamental to OpenPGP and GnuPG cryptographic communications.
SKS is the traditional open source implementation of a synchronizing OpenPGP key server. It implements RFC 2440 and is available in most Linux distributions. SKS is written in the OCaml programming language and uses a Berkeley Database backend.
At Gazzang, we built zTrustee, an opaque data object and key management solution, on the OpenPGP web-of-trust model and a suite of Linux and open source technologies. In zTrustee, the key server plays a vital role in exchanging client and server identities. However, during stress testing we identified performance and stability problems with the SKS key server.
Hockeypuck is an alternative implementation of a public key server, designed for performance, scalability and extensibility. Development was easy and fun thanks to the strong concurrency model and rich library ecosystem of the Go programming language and the flexibility of MongoDB data storage.
In this talk, I’d like to share the state of the project and some exciting new applications for the public key server model beyond OpenPGP.