[DHowitzer]

Hi, it's Will Ackerly here. We've thought a lot about the National Security Letter scenario, and so, we're going to be pushing to our website a Canary (in the coal mine) icon, linking to a statement declaring that we have never received an NSL. Our special counsel on privacy (Tim Edgar, who used to work at ACLU) came up with the idea for us, which I believe Apple is using through regular reports (not a literal canary icon on their website).

[cschmidt]

Rsync.net uses a warrant canary as well:

http://www.rsync.net/resources/notices/canary.txt

I've actually found it kind of surprising that they haven't had any warrants yet.

But you're going to be served with an NSL if you get big enough to be interesting. It seems to happen to everyone. An then you won't be able to update the canary any more. That's a good idea, but I don't think it is enough.

I don't mean to be negative, I just guess I don't see why you'll succeed against the government when the others have not.

[DHowitzer]

Great points, definitely not negative, just realistic.

There may be no single silver bullet here. In addition to pursuing open source key servers, we're also working on UI/UX for easy addition of public key wrapping using the same crypto as PGP. Our hope is that we can deploy public key in a way that most people start using it to minimize the proportion of unwrapped keys on Virtru's server.