Likely easy enough for a client based on E2E encryption principles; the backend is in many ways a (fancy) dumb pipe. (It could still require complex infrastructure, but at least there'd be relative little "feature" code on the backend to be rewritten.)
FWIU, Cyph does Open Source E2E chat, files, and unlimited length social posts to circles or to public; but doesn't yet do encrypted git repos that can be solved with something like git-crypt.
https://github.com/cyph/cyph
It would be wasteful to throw away the Web of Trust (people with handles to keys) that everyone entered into Keybase. Hopefully, Zoom will consider opening up the remaining pieces of Keybase if not just spinning the product back out to a separate entity?
> There's also "Web Key Directory"; which hosts GPG keys over HTTPS from a .well-known URL for a given user@domain identifier: https://wiki.gnupg.org/WKD
> GPG presumes secure key distribution
> Compared to existing PGP/GPG keyservers [HKP], WKD does rely upon HTTPS.
Blockcerts can be signed when granted to a particular identity entity:
How do I specify the correct attributes of my schema.org/Person record (maybe on my JAMstack site) in order to approximate the list of identities that e.g. Keybase lets one register and refer to a cryptographic proof of?
Do I generate a W3C DID and claim my identities by listing them in a JSON-LD document signed with W3C ld-proofs (ld-signatures)? Which of the key directory and Web of Trust features of Keybase are covered by existing W3C spec Use Cases?
>> 2. Use Cases: Online shopper, Vehicle assemblies, Confidential Customer Engagement, Accessing Master Data of Entities, Transferable Skills Credentials, Cross-platform User-driven Sharing, Pseudonymous Work, Pseudonymity within a supply chain, Digital Permanent Resident Card, Importing retro toys, Public authority identity credentials (eIDAS), Correlation-controlled Services
> And then, IIUC W3C Verifiable Credentials / ld-proofs can be signed with W3C DID keys - that can also be generated or registered centrally, like hosted wallets or custody services. There are many Use Cases for Verifiable Credentials: https://www.w3.org/TR/vc-use-cases/ :
>> 3. User Needs: Education, Retail, Finance, Healthcare, Professional Credentials, Legal Identity, Devices
>> 4. User Tasks: Issue Claim, Assert Claim, Verify Claim, Store / Move Claim, Retrieve Claim, Revoke Claim
>> 5. Focal Use Cases: Citizenship by Parentage, Expert Dive Instructor, International Travel with Minor and Upgrade
>> 6. User Sequences: How a Verifiable Credential Might Be Created, How a Verifiable Credential Might Be Used
Is there an ACME-like thing to verify online identity control like Keybase still does?
Hopefully, Zoom will consider opening up the remaining pieces of Keybase if not just spinning the product back out to a separate entity?
> The last IETF draft for HKP also defines a distributed key server network, based on DNS SRV records: to find the key of someone@example.com, one can ask it by requesting example.com's key server.
> Keyserver examples: These are some keyservers that are often used for looking up keys with `gpg --recv-keys`.[6] These can be queried via https:// (HTTPS) or hkps:// (HKP over TLS) respectively:
keys.openpgp.org ,
pgp.mit.edu ,
keyring.debian.org ,
keyserver.ubuntu.com ,
> GpgSignature2020: A JSON-LD Document has been signed with GpgSignature2020, when it contains a proof field with type GpgSignature2020. The proof must contain a key signatureValue with value defined by the signing algorithm described here. Example:
