keys-pub/keys

A few questions about the service

selurvedu opened this issue · 3 comments

Hi! I stumbled upon this project yesterday. Even though it looks interesting to me, I can't find any info about threat models and how keys.pub deals with them.

Is keys.pub centralised? Is there a single point of failure? What happens if an attacker gets control of the server or just the domain? How would that affect the users of keys.pub? If the service ever gets shut down, what gets lost and what doesn't? How the users can make use of what remains? etc. etc.

The server is open source, but there aren't clear instructions on how to deploy it yet (hopefully will get to that soon). There is also no current way to switch servers in the app (also on the list of things). Ideally others could run servers too and people could choose.

If keys.pub failed, other servers could take its place. Other servers could mirror each other in case some went down. The app could keep a list of mirrors too. Discovery of mirrors could be decentralized.

These are great questions. Currently things are still early and so these issues aren't addressed yet, but it is possible to address them if that makes sense.

Thanks for your feedback.

Oh also to clarify, the server is meant to be untrusted, but an attacker on the server could show older history ("reality forks") to certain users. That issue is discussed here some: #29.

Thanks for your replies!