by michaelt 42 days ago
PGP’s web of trust was kinda bad privacy-wise in some regards, as it basically revealed your IRL social network.

If my PGP public key has 6 signatures and they’re all members of the East Manitoba Arch Linux User Group, you can probably work out pretty easily which Michael T I am.

Are there successful newer designs, which avoid this problem?


The IRL social network is actually the important part of the trust structure.

The only one of these I've seen that really worked was the Debian developer version: you had to meet another Debian developer IRL, prove your identity, and only then could you get the key signed and join the club.

> The IRL social network is actually the important part of the trust structure.

For Debian-style applications that are 100% about openness and 0% about secrecy, sure.

But if you want to secure communications between pro-democracy activists in China, or you're a Snowden-like whistleblower wanting to securely communicate with journalists - y'all probably don't want to be vouching for one another's keys.

I participate in developing anti-censorship tools. Chinese users are a significant population, and it has some overlap with activists there. In practice, identity settles at "who controls this email address".

Self-signed PGP is very occasionally used to prove continuity across channels or addresses. Cross-signed basically never.

You need to meet 2 actually :)