Most of the energy in this space has gone into http://tack.io/ which has been called "a non-controversial first step" - I believe it is making its way though standards talks at the moment although I have not looked into it for a while.
Personally I think now is good time to revisit assumptions made a few years ago - security and privacy and in particular non-government controlled systems are on many peoples lips.
If I ever clear my current plate, I would be interested in diving into the problem.
There should be a clear statement about the status of Convergence on the web site. IIRC, the Firefox extension has been broken for more than a year now. Why? If Mozilla broke their APIs and made it impossible for the extension to work, then we should know about that. Otherwise, what's the excuse for the extension being broken for so long?
Convergence had the momentum, and there was a small but vocal group of people willing to support it. But, due to project mismanagement and lack of communication, that momentum has been lost.
I don't understand this. Can someone weight in with an explanation? Convergence works just fine without TACK: I can set up two or more notaries on some VPS somewhere, and my browser would check if the notaries see the same certificate on that server I am trying to connect to as my browser. Seems secure to me: no external CA involved, the certificate on the web server can be self signed, and a MITM attack would need to hack two or more external servers to be successful. How does TACK fit in all of this?
Personally I think now is good time to revisit assumptions made a few years ago - security and privacy and in particular non-government controlled systems are on many peoples lips.
If I ever clear my current plate, I would be interested in diving into the problem.