Thorsten Leemhuis (acct. 1/4)Mar 19

""Linux Foundation CEO Jim Zemlin issued a challenge to the members: LF itself needs decentralized trust solutions—starting with the #Linux #kernel project.

Jim explained the infamous XZ attack […]

Jim wanted a privacy-preserving solution that could protect any open source project by enabling developers to prove they were real persons with real first-person trust relationships—without requiring a centralized identity database.

[…]

Verifiable trust communities and verifiable membership credentials enable trust relationships to be verified not just within trust communities, but across trust communities. For example, a developer who is a member of one ​​open source project—such as the Linux kernel—could use that VMC to prove their credentials to a different open source project.

[…]

The goal is for the kernel project instance to be ready for maintainers to review at the Linux Kernel Maintainer Summit October 8 in Prague.""

https://www.lfdecentralizedtrust.org/blog/decentralized-trust-infrastructure-at-lf-a-progress-report

Decentralized Trust Infrastructure at LF: A Progress Report

An update on building scalable, privacy-preserving decentralized trust infrastructure for proof of personhood using verifiable credentials using open standards and code from LF Decentralized Trust

Show threadPope Bob the Unsane

@kernellogger sounds like we need decentralized gpg/pgp 'registrars' or 'keuservers' as they used to be...

Except we need more key-signing parties.

Mar 19 at 6:21amWeb