Thorsten Leemhuis (acct. 1/4)

""Linux Foundation CEO Jim Zemlin issued a challenge to the members: LF itself needs decentralized trust solutions—starting with the #Linux #kernel project.

Jim explained the infamous XZ attack […]

Jim wanted a privacy-preserving solution that could protect any open source project by enabling developers to prove they were real persons with real first-person trust relationships—without requiring a centralized identity database.

[…]

Verifiable trust communities and verifiable membership credentials enable trust relationships to be verified not just within trust communities, but across trust communities. For example, a developer who is a member of one ​​open source project—such as the Linux kernel—could use that VMC to prove their credentials to a different open source project.

[…]

The goal is for the kernel project instance to be ready for maintainers to review at the Linux Kernel Maintainer Summit October 8 in Prague.""

https://www.lfdecentralizedtrust.org/blog/decentralized-trust-infrastructure-at-lf-a-progress-report

Decentralized Trust Infrastructure at LF: A Progress Report

An update on building scalable, privacy-preserving decentralized trust infrastructure for proof of personhood using verifiable credentials using open standards and code from LF Decentralized Trust

Mar 19 at 6:14amWeb
Show threadPope Bob the UnsaneMar 19

@kernellogger sounds like we need decentralized gpg/pgp 'registrars' or 'keuservers' as they used to be...

Except we need more key-signing parties.

Show threadKrzysztof KozlowskiMar 19
@kernellogger Did he just propose PGP/GnuPG web-of-trust? Isn't this like a 30 year old thing?
Show threadThorsten Leemhuis (acct. 1/4)Mar 20
@krzk well, the text claims that "decentralized trust graph (DTG)" is supposed to "solve both the automation and scalability challenges of the web of trust model.". If that really is true: good question, I didn't care enough to really look deeply into this…
Show threadJames BottomleyMar 20

@kernellogger watching the video of the LF Member Summit presentation I was surprised by two things

1) They actually seemed to have a rudimentary discussion!
2) The attempt to capture the session was a complete failure: no video, no audio mic and presenters didn't repeat questions ... gosh I wish some related conference had worked out how to do this better so the LF could learn from it ...