--- /dev/null
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<!--[if lt IE 7]> <html class='no-js ie6' lang='en' xmlns='http://www.w3.org/1999/xhtml'> <![endif]-->
+<!--[if IE 7]> <html class='no-js ie7' lang='en' xmlns='http://www.w3.org/1999/xhtml'> <![endif]-->
+<!--[if IE 8]> <html class='no-js ie8' lang='en' xmlns='http://www.w3.org/1999/xhtml'> <![endif]-->
+<!--[if gt IE 8]><!--> <html lang='en' xmlns='http://www.w3.org/1999/xhtml'> <!--<![endif]-->
+<head>
+<title>Fixing trust on the Internet</title>
+<meta http-equiv='Content-Type' content='text/html; charset=utf-8'/>
+<meta name='generator' content='Org-mode'/>
+<meta name='author' content='Tom Marble'/>
+
+<link rel='stylesheet' href='deck.js/core/deck.core.css' type='text/css' />
+<link rel='stylesheet' href='deck.js/extensions/goto/deck.goto.css' type='text/css' />
+<link rel='stylesheet' href='deck.js/extensions/menu/deck.menu.css' type='text/css' />
+<link rel='stylesheet' href='deck.js/extensions/navigation/deck.navigation.css' type='text/css' />
+<link rel='stylesheet' href='deck.js/extensions/onepage/deck.onepage.css' type='text/css' />
+<link rel='stylesheet' href='deck.js/extensions/scale/deck.scale.css' type='text/css' />
+<link rel='stylesheet' href='deck.js/extensions/status/deck.status.css' type='text/css' />
+<link rel='stylesheet' href='deck.js/themes/style/neon.css' type='text/css' />
+<link rel='stylesheet' href='deck.js/themes/transition/fade.css' type='text/css' />
+<script src='deck.js/jquery.min.js' type='text/javascript'></script>
+<script src='deck.js/core/deck.core.js' type='text/javascript'></script>
+<script src='deck.js/modernizr.custom.js' type='text/javascript'></script>
+<script src='deck.js/extensions/goto/deck.goto.js' type='text/javascript'></script>
+<script src='deck.js/extensions/menu/deck.menu.js' type='text/javascript'></script>
+<script src='deck.js/extensions/navigation/deck.navigation.js' type='text/javascript'></script>
+<script src='deck.js/extensions/onepage/deck.onepage.js' type='text/javascript'></script>
+<script src='deck.js/extensions/scale/deck.scale.js' type='text/javascript'></script>
+<script src='deck.js/extensions/status/deck.status.js' type='text/javascript'></script>
+
+<script type='text/javascript'>
+ $(document).ready(function () { $.deck('.slide'); });
+</script>
+
+<style type='text/css'>
+#table-of-contents a {color: inherit;}
+#table-of-contents ul {margin-bottom: 0;}
+#table-of-contents li {padding: 0;}
+
+#preamble, #postamble {left: 5px; width: 100%;}
+#preamble {position: absolute; top: 10px;}
+#postamble {}
+
+#title-slide h1 {
+ position: static; padding: 0;
+ margin-top: 10%;
+ -webkit-transform: none;
+ -moz-transform: none;
+ -ms-transform: none;
+ -o-transform: none;
+ transform: none;
+ font-size: 2em;
+}
+#title-slide h2 {
+ text-align: center;
+ border:none;
+ padding: 0;
+ margin: 5em;
+ font-size: 1.2em;
+}
+.fullscreen {
+ position: absolute;
+ left: 0px;
+ top: 0px;
+ width: 100%;
+ height: auto;
+}
+.pad-right {
+ margin-right: 1em;
+}
+.pad-bottom {
+ margin-bottom: 3em;
+ background: white;
+}
+.z0 { z-index: 0; }
+.z10 { z-index: 10; }
+.z20 { z-index: 20; }
+table.myable {
+ background-color: #ffffff;
+ border-collapse: collapse;
+ border-width: 2px;
+ border-color: #ffcc00;
+ border-style: solid;
+ color: blue;
+}
+table.mytable td, table.mytable th {
+ border-width: 2px;
+ border-color: #ffcc00;
+ border-style: solid;
+ padding: 3px;
+}
+table.mytable thead {
+ background-color: #ffcc00;
+}
+table.quiettable, table.quiettable colgroup, table.quiettable tbody, table.quiettable > th, table.quiettable > tr {
+ border-style: none;
+}
+table.quiettable td {
+ border-style: none;
+ padding: 0 1em;
+}
+table.quiettable thead {
+ border-style: none;
+}
+
+
+</style>
+</head>
+<body>
+<div id='content' class='deck-container'>
+
+<div id='title-slide' class='slide'>
+<h1>Fixing trust on the Internet</h1>
+<h2>Tom Marble <<a href="mailto:tmarble@info9.net">tmarble@info9.net</a>></h2>
+</div>
+
+
+<div id="slide-1" class="outline-2 slide">
+<h2 id="sec-1">Meta</h2>
+<div class="outline-text-2" id="text-1">
+</div><div id="slide-1-1" class="outline-3">
+<h3 id="sec-1-1">This presentation is <i>already</i> online!</h3>
+<div class="outline-text-3" id="text-1-1">
+</div><div id="slide-1-1-1" class="outline-4">
+<h4 id="sec-1-1-1"><a href="https://info9.net/trust">https://info9.net/trust</a></h4>
+<div class="outline-text-4" id="text-1-1-1">
+</div><ul class="org-ul"><li><a id="sec-1-1-1-1" name="sec-1-1-1-1"></a>Navigation<br /><ul class="org-ul"><li><a id="sec-1-1-1-1-1" name="sec-1-1-1-1-1"></a><b>→</b> = forward (swipe right)<br /></li>
+<li><a id="sec-1-1-1-1-2" name="sec-1-1-1-1-2"></a><b>←</b> = back (swipe left)<br /></li>
+<li><a id="sec-1-1-1-1-3" name="sec-1-1-1-1-3"></a><b>g</b> = goto slide<br /></li>
+<li><a id="sec-1-1-1-1-4" name="sec-1-1-1-1-4"></a><b>m</b> = menu of all slides (tap)<br /></li>
+<li><a id="sec-1-1-1-1-5" name="sec-1-1-1-1-5"></a><b>o</b> = one page<br /></li>
+<li><a id="sec-1-1-1-1-6" name="sec-1-1-1-1-6"></a><b>s</b> = scrollbars<br /></li></ul>
+</li>
+<li><a id="sec-1-1-1-2" name="sec-1-1-1-2"></a>Source (<a href="https://github.com/cybercode/org-slides">org-mode</a>): <a href="Fixing-trust-on-the-Internet.tar.xz">Fixing-trust-on-the-Internet.tar.xz</a><br /></li>
+<li><a id="sec-1-1-1-3" name="sec-1-1-1-3"></a>Copyright © 2017 Tom Marble<br /><div class="outline-text-5" id="text-1-1-1-3">
+<p>
+Licensed under { <a href="https://www.gnu.org/licenses/gpl-3.0.html">GPLv3+</a> | <a href="http://creativecommons.org/licenses/by-sa/4.0/">CC-by-sa 4.0</a> | <a href="https://github.com/copyleft-next/copyleft-next">copyleft-next</a> }
+</p>
+<table border="none" cellspacing="0" cellpadding="6" rules="groups" frame="hsides" class="quiettable">
+
+
+<colgroup>
+<col class="left" />
+
+<col class="left" />
+
+<col class="left" />
+</colgroup>
+<tbody>
+<tr>
+<td class="left"><img src="./images/gplv3-127x51.png" alt="gplv3-127x51.png" /></td>
+<td class="left"><img src="./images/CC-by-sa.png" alt="CC-by-sa.png" /></td>
+<td class="left"><img src="./images/copyleft-next.png" alt="copyleft-next.png" /></td>
+</tr>
+</tbody>
+</table>
+</div>
+</li></ul>
+</div>
+</div>
+</div>
+
+<div id="slide-2" class="outline-2 slide">
+<h2 id="sec-2">Software Freedom & Trust</h2>
+<div class="outline-text-2" id="text-2">
+<p>
+Software Freedom is essential to trust the core infrastructure
+that supports our health, safety, and democracy.
+</p>
+</div>
+
+<div id="slide-2-1" class="outline-3">
+<h3 id="sec-2-1">"We need to have confidence in our software, be able to audit it and be able to repair it when we detect vulnerabilities or unwanted functionality like surveillance."</h3>
+<div class="outline-text-3" id="text-2-1">
+<p>
+– Karen Sandler <sup><a id="fnr.1" name="fnr.1" class="footref" href="#references">1</a></sup>
+</p>
+</div>
+</div>
+</div>
+
+<div id="slide-3" class="outline-2 slide">
+<h2 id="sec-3">Evolution of using software</h2>
+<div class="outline-text-2" id="text-3">
+</div><div id="slide-3-1" class="outline-3">
+<h3 id="sec-3-1">When we gave each computer a name</h3>
+<div class="outline-text-3" id="text-3-1">
+<p>
+$ tar zxf code.tar.gz && ./configure && make install
+</p>
+</div>
+</div>
+<div id="slide-3-2" class="outline-3">
+<h3 id="sec-3-2">When we configured computers automatically</h3>
+<div class="outline-text-3" id="text-3-2">
+<p>
+PXE boot, puppet, apt-get install my-favorite-package
+</p>
+</div>
+</div>
+<div id="slide-3-3" class="outline-3">
+<h3 id="sec-3-3">When we moved to the cloud</h3>
+<div class="outline-text-3" id="text-3-3">
+<p>
+Use this prebuilt image
+</p>
+</div>
+</div>
+<div id="slide-3-4" class="outline-3">
+<h3 id="sec-3-4">When we started using containers</h3>
+<div class="outline-text-3" id="text-3-4">
+<p>
+Make slight modifications to a prebuilt image
+</p>
+</div>
+</div>
+<div id="slide-3-5" class="outline-3">
+<h3 id="sec-3-5">Now we are considering lambda functions</h3>
+<div class="outline-text-3" id="text-3-5">
+<p>
+There isn't an OS image anymore: just a function
+</p>
+</div>
+</div>
+<div id="slide-3-6" class="outline-3">
+<h3 id="sec-3-6">Most software is installed from the app store</h3>
+<div class="outline-text-3" id="text-3-6">
+<p>
+Just accept the EULA and device permissions
+</p>
+</div>
+</div>
+</div>
+
+<div id="slide-4" class="outline-2 slide">
+<h2 id="sec-4">Copyleft isn't enough</h2>
+<div class="outline-text-2" id="text-4">
+</div><div id="slide-4-1" class="outline-3">
+<h3 id="sec-4-1">Network services software is not conveyed</h3>
+<div class="outline-text-3" id="text-4-1">
+<p>
+Our FLOSS licenses (including copyleft licenses) depend on conveyance.
+</p>
+</div>
+<div id="slide-4-1-1" class="outline-4">
+<h4 id="sec-4-1-1">AGPL</h4>
+<div class="outline-text-4" id="text-4-1-1">
+<p>
+AGPL "fixes" this network loophole, but hasn't been adopted
+for wide use in practice other than proprietary relicensing.
+</p>
+</div>
+</div>
+</div>
+<div id="slide-4-2" class="outline-3">
+<h3 id="sec-4-2">What about AI "algorithms"?</h3>
+<div class="outline-text-3" id="text-4-2">
+<p>
+What is the preferred form of modification when software is derived from data (e.g. machine learning)?
+</p>
+</div>
+</div>
+<div id="slide-4-3" class="outline-3">
+<h3 id="sec-4-3">No one picks a license anyway</h3>
+<div class="outline-text-3" id="text-4-3">
+<p>
+We haven't taught developers to care <sup><a id="fnr.2" name="fnr.2" class="footref" href="#references">2</a></sup>
+</p>
+</div>
+</div>
+<div id="slide-4-4" class="outline-3">
+<h3 id="sec-4-4">Most software is installed from the app store</h3>
+<div class="outline-text-3" id="text-4-4">
+<p>
+We haven't taught end users to care
+</p>
+</div>
+</div>
+</div>
+
+<div id="slide-5" class="outline-2 slide">
+<h2 id="sec-5">The fifth freedom</h2>
+<div class="outline-text-2" id="text-5">
+<p>
+Freedom 4: The right to deploy your software on someone else's server
+</p>
+</div>
+
+<div id="slide-5-1" class="outline-3">
+<h3 id="sec-5-1">"Even if you had the source code today you don't know how to increase other people's freedoms by letting them modify your website at runtime. All you have is a bag of tricks that let's people modify your source code and gives them no way to deploy it on your infrastructure."</h3>
+<div class="outline-text-3" id="text-5-1">
+<p>
+– r0ml's LCA keynote <sup><a id="fnr.3" name="fnr.3" class="footref" href="#references">3</a></sup>
+</p>
+</div>
+</div>
+</div>
+
+<div id="slide-6" class="outline-2 slide">
+<h2 id="sec-6">Essential infrastructure requirements</h2>
+<div class="outline-text-2" id="text-6">
+</div><div id="slide-6-1" class="outline-3">
+<h3 id="sec-6-1">Energy</h3>
+<div class="outline-text-3" id="text-6-1">
+</div><ul class="org-ul"><li><a id="sec-6-1-0-1" name="sec-6-1-0-1"></a>We need energy for computing, yet energy is centralized.<br /></li>
+<li><a id="sec-6-1-0-2" name="sec-6-1-0-2"></a>Smart meters have an API for the utility, not for end users<br /></li></ul>
+</div>
+<div id="slide-6-2" class="outline-3">
+<h3 id="sec-6-2">Communications</h3>
+<div class="outline-text-3" id="text-6-2">
+</div><ul class="org-ul"><li><a id="sec-6-2-0-1" name="sec-6-2-0-1"></a>Why isn't there a free phone? It's the proprietary baseband processor.<br /></li>
+<li><a id="sec-6-2-0-2" name="sec-6-2-0-2"></a>Potential in unlicensed spectrum, Software Defined Radio, Cognitive Radio<br /></li></ul>
+</div>
+<div id="slide-6-3" class="outline-3">
+<h3 id="sec-6-3">Money</h3>
+<div class="outline-text-3" id="text-6-3">
+</div><ul class="org-ul"><li><a id="sec-6-3-0-1" name="sec-6-3-0-1"></a>Digital forms of money (often) have surveillance opportunities<br /></li>
+<li><a id="sec-6-3-0-2" name="sec-6-3-0-2"></a>Anonymous transactions (e.g. cash) are increasingly difficult<br /><div class="outline-text-5" id="text-6-3-0-2">
+<br/>
+<br/>
+<br/>
+<br/>
+<br/>
+<br/>
+<br/>
+<br/>
+</div>
+</li></ul>
+</div>
+</div>
+<div id="slide-7" class="outline-2 slide">
+<h2 id="sec-7">Peer to peer energy <sup><a id="fnr.4" name="fnr.4" class="footref" href="#references">4</a></sup></h2>
+<div class="outline-text-2" id="text-7">
+
+<div class="figure">
+<p><img src="./images/nyt-p2p.jpg" alt="p2p" align="center" />
+</p>
+</div>
+</div>
+</div>
+
+<div id="slide-8" class="outline-2 slide">
+<h2 id="sec-8">Mobile apps</h2>
+<div class="outline-text-2" id="text-8">
+<p>
+<img src="./images/Dont-trust-your-apps.jpg" alt="Dont-trust-your-apps.jpg" class="pad-right" align="left" /> <sup><a id="fnr.5" name="fnr.5" class="footref" href="#references">5</a></sup>
+</p>
+</div>
+</div>
+
+<div id="slide-9" class="outline-2 slide">
+<h2 id="sec-9">Where is trust now?</h2>
+<div class="outline-text-2" id="text-9">
+<p>
+<img src="./images/centralized.jpg" alt="centralized.jpg" class="pad-right" align="left" /> <sup><a id="fnr.6" name="fnr.6" class="footref" href="#references">6</a></sup>
+</p>
+</div>
+
+<ul class="org-ul"><li><a id="sec-9-0-0-1" name="sec-9-0-0-1"></a>Credit Bureaus<br /></li>
+<li><a id="sec-9-0-0-2" name="sec-9-0-0-2"></a>eBay (reputation)<br /></li>
+<li><a id="sec-9-0-0-3" name="sec-9-0-0-3"></a>other walled gardens<br /><div class="outline-text-5" id="text-9-0-0-3">
+<p>
+…
+</p>
+
+<p>
+Closed and centralized
+</p>
+</div>
+</li></ul>
+</div>
+
+<div id="slide-10" class="outline-2 slide">
+<h2 id="sec-10">Shape of the solution (part 1/2)</h2>
+<div class="outline-text-2" id="text-10">
+<p>
+Network service trust API
+</p>
+</div>
+
+<div id="slide-10-1" class="outline-3">
+<h3 id="sec-10-1">☙ Federated corroboration of assertions</h3>
+<div class="outline-text-3" id="text-10-1">
+<p>
+Harder to corrupt
+</p>
+</div>
+</div>
+<div id="slide-10-2" class="outline-3">
+<h3 id="sec-10-2">☙ Make and query assertions at the app level</h3>
+<div class="outline-text-3" id="text-10-2">
+<p>
+libtrust.so, libtrust.js
+</p>
+</div>
+</div>
+<div id="slide-10-3" class="outline-3">
+<h3 id="sec-10-3">☙ Transitive with personal vantage point</h3>
+<div class="outline-text-3" id="text-10-3">
+</div><ul class="org-ul"><li><a id="sec-10-3-0-1" name="sec-10-3-0-1"></a>Deb asserts the software is Free and reproducible<br /></li>
+<li><a id="sec-10-3-0-2" name="sec-10-3-0-2"></a>Chris trusts Deb to certify software<br /></li>
+<li><a id="sec-10-3-0-3" name="sec-10-3-0-3"></a>I trust Chris' software certification assessments<br /></li>
+<li><a id="sec-10-3-0-4" name="sec-10-3-0-4"></a>⇒ I am comfortable installing this software<br /></li></ul>
+</div>
+<div id="slide-10-4" class="outline-3">
+<h3 id="sec-10-4">☙ Quick transactions</h3>
+</div>
+</div>
+
+<div id="slide-11" class="outline-2 slide">
+<h2 id="sec-11">You think you know what I'm going to say now…</h2>
+</div>
+
+<div id="slide-12" class="outline-2 slide">
+<h2 id="sec-12">13</h2>
+<div class="outline-text-2" id="text-12">
+
+<div class="figure">
+<p><img src="./images/tm13.png" alt="tm13.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-13" class="outline-2 slide">
+<h2 id="sec-13">12</h2>
+<div class="outline-text-2" id="text-13">
+
+<div class="figure">
+<p><img src="./images/tm12.png" alt="tm12.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-14" class="outline-2 slide">
+<h2 id="sec-14">11</h2>
+<div class="outline-text-2" id="text-14">
+
+<div class="figure">
+<p><img src="./images/tm11.png" alt="tm11.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-15" class="outline-2 slide">
+<h2 id="sec-15">10</h2>
+<div class="outline-text-2" id="text-15">
+
+<div class="figure">
+<p><img src="./images/tm10.png" alt="tm10.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-16" class="outline-2 slide">
+<h2 id="sec-16">9</h2>
+<div class="outline-text-2" id="text-16">
+
+<div class="figure">
+<p><img src="./images/tm09.png" alt="tm09.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-17" class="outline-2 slide">
+<h2 id="sec-17">8</h2>
+<div class="outline-text-2" id="text-17">
+
+<div class="figure">
+<p><img src="./images/tm08.png" alt="tm08.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-18" class="outline-2 slide">
+<h2 id="sec-18">7</h2>
+<div class="outline-text-2" id="text-18">
+
+<div class="figure">
+<p><img src="./images/tm07.png" alt="tm07.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-19" class="outline-2 slide">
+<h2 id="sec-19">6</h2>
+<div class="outline-text-2" id="text-19">
+
+<div class="figure">
+<p><img src="./images/tm06.png" alt="tm06.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-20" class="outline-2 slide">
+<h2 id="sec-20">5</h2>
+<div class="outline-text-2" id="text-20">
+
+<div class="figure">
+<p><img src="./images/tm05.png" alt="tm05.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-21" class="outline-2 slide">
+<h2 id="sec-21">4</h2>
+<div class="outline-text-2" id="text-21">
+
+<div class="figure">
+<p><img src="./images/tm04.png" alt="tm04.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-22" class="outline-2 slide">
+<h2 id="sec-22">3</h2>
+<div class="outline-text-2" id="text-22">
+
+<div class="figure">
+<p><img src="./images/tm03.png" alt="tm03.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-23" class="outline-2 slide">
+<h2 id="sec-23">2</h2>
+<div class="outline-text-2" id="text-23">
+
+<div class="figure">
+<p><img src="./images/tm02.png" alt="tm02.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-24" class="outline-2 slide">
+<h2 id="sec-24">1</h2>
+<div class="outline-text-2" id="text-24">
+
+<div class="figure">
+<p><img src="./images/tm01.png" alt="tm01.png" class="fullscreen" />
+</p>
+</div>
+</div>
+</div>
+<div id="slide-25" class="outline-2 slide">
+<h2 id="sec-25">GPG WoT</h2>
+<div class="outline-text-2" id="text-25">
+<p>
+nah :(
+</p>
+</div>
+
+<div id="slide-25-1" class="outline-3">
+<h3 id="sec-25-1">The GPG Web of Trust asserts identity</h3>
+<div class="outline-text-3" id="text-25-1">
+</div><ul class="org-ul"><li><a id="sec-25-1-0-1" name="sec-25-1-0-1"></a>The trustdb is private<br /></li>
+<li><a id="sec-25-1-0-2" name="sec-25-1-0-2"></a>Keyservers are not designed for other data<br /></li></ul>
+</div>
+<div id="slide-25-2" class="outline-3">
+<h3 id="sec-25-2">Using PGP is tricky for us</h3>
+<div class="outline-text-3" id="text-25-2">
+</div><ul class="org-ul"><li><a id="sec-25-2-0-1" name="sec-25-2-0-1"></a>Choosing algos and signature strengths<br /></li>
+<li><a id="sec-25-2-0-2" name="sec-25-2-0-2"></a>Protecting key material<br /></li>
+<li><a id="sec-25-2-0-3" name="sec-25-2-0-3"></a>Not getting fooled by EVIL-32 <sup><a id="fnr.7" name="fnr.7" class="footref" href="#references">7</a></sup><br /></li></ul>
+</div>
+<div id="slide-25-3" class="outline-3">
+<h3 id="sec-25-3">Impossibly difficult for end users</h3>
+<div class="outline-text-3" id="text-25-3">
+</div><ul class="org-ul"><li><a id="sec-25-3-0-1" name="sec-25-3-0-1"></a>Sharing public keys<br /></li>
+<li><a id="sec-25-3-0-2" name="sec-25-3-0-2"></a>Configuring applications properly<br /></li></ul>
+</div>
+</div>
+
+<div id="slide-26" class="outline-2 slide">
+<h2 id="sec-26">You think you know what I'm going to say NOW…</h2>
+</div>
+
+<div id="slide-27" class="outline-2 slide">
+<h2 id="sec-27">Bitcoin</h2>
+<div class="outline-text-2" id="text-27">
+
+<div class="figure">
+<p><img src="./images/bitcoin.svg" alt="bitcoin.svg" class="pad-bottom" height="300px" />
+</p>
+</div>
+
+<p>
+In Satoshi Nakamoto we trust! <sup><a id="fnr.8" name="fnr.8" class="footref" href="#references">8</a></sup>
+</p>
+</div>
+</div>
+
+<div id="slide-28" class="outline-2 slide">
+<h2 id="sec-28">Hyperledger</h2>
+<div class="outline-text-2" id="text-28">
+
+<div class="figure">
+<p><img src="./images/logo_hl_new.png" alt="logo_hl_new.png" class="pad-bottom" />
+</p>
+</div>
+
+<p>
+It's hosted by the Linux Foundation. That means it's community friendly… rite? <sup><a id="fnr.9" name="fnr.9" class="footref" href="#references">9</a></sup>
+</p>
+</div>
+</div>
+
+<div id="slide-29" class="outline-2 slide">
+<h2 id="sec-29">Ethereum</h2>
+<div class="outline-text-2" id="text-29">
+
+<div class="figure">
+<p><img src="./images/ethereum.png" alt="ethereum.png" class="pad-bottom" />
+</p>
+</div>
+
+<p>
+Companies use it for smart contracts! <sup><a id="fnr.10" name="fnr.10" class="footref" href="#references">10</a></sup>
+</p>
+</div>
+</div>
+
+<div id="slide-30" class="outline-2 slide">
+<h2 id="sec-30">Zcash</h2>
+<div class="outline-text-2" id="text-30">
+
+<div class="figure">
+<p><img src="./images/zcash-logo-gold.png" alt="zcash-logo-gold.png" class="pad-bottom" />
+</p>
+</div>
+
+<p>
+Zooko and Matthew Green <sup><a id="fnr.11" name="fnr.11" class="footref" href="#references">11</a></sup>
+</p>
+</div>
+</div>
+
+<div id="slide-31" class="outline-2 slide">
+<h2 id="sec-31">DogeCoin</h2>
+<div class="outline-text-2" id="text-31">
+
+<div class="figure">
+<p><img src="./images/dogecoin.png" alt="dogecoin.png" class="pad-bottom" />
+</p>
+</div>
+
+<p>
+That's the MEME! <sup><a id="fnr.12" name="fnr.12" class="footref" href="#references">12</a></sup>
+</p>
+</div>
+</div>
+
+<div id="slide-32" class="outline-2 slide">
+<h2 id="sec-32">nah :(</h2>
+<div class="outline-text-2" id="text-32">
+<p>
+Wait, why NOT blockchain tech?
+</p>
+</div>
+<div id="slide-32-1" class="outline-3">
+<h3 id="sec-32-1">centralized – in effect</h3>
+<div class="outline-text-3" id="text-32-1">
+<p>
+Domination by huge mining pools
+</p>
+</div>
+</div>
+<div id="slide-32-2" class="outline-3">
+<h3 id="sec-32-2">bandwidth limited</h3>
+<div class="outline-text-3" id="text-32-2">
+<p>
+Time to process transactions long and variable
+</p>
+</div>
+</div>
+<div id="slide-32-3" class="outline-3">
+<h3 id="sec-32-3">transaction fees</h3>
+<div class="outline-text-3" id="text-32-3">
+<p>
+Start to look like PayPal fees
+</p>
+</div>
+</div>
+<div id="slide-32-4" class="outline-3">
+<h3 id="sec-32-4">a waste of energy</h3>
+<div class="outline-text-3" id="text-32-4">
+<p>
+Brute forcing hashes is bad <sup><a id="fnr.13" name="fnr.13" class="footref" href="#references">13</a></sup> for the environment <sup><a id="fnr.14" name="fnr.14" class="footref" href="#references">14</a></sup>
+</p>
+</div>
+</div>
+</div>
+
+<div id="slide-33" class="outline-2 slide">
+<h2 id="sec-33">Great barrier reef</h2>
+<div class="outline-text-2" id="text-33">
+<table border="none" cellspacing="0" cellpadding="6" rules="groups" frame="hsides" class="quiettable">
+
+
+<colgroup>
+<col class="left" />
+
+<col class="left" />
+
+<col class="left" />
+</colgroup>
+<tbody>
+<tr>
+<td class="left">not fake news</td>
+<td class="left"><img src="./images/reef-death.jpg" alt="reef-death.jpg" /></td>
+<td class="left"><sup><a id="fnr.15" name="fnr.15" class="footref" href="#references">15</a></sup></td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+
+<div id="slide-34" class="outline-2 slide">
+<h2 id="sec-34">What we need is..</h2>
+<div class="outline-text-2" id="text-34">
+<p>
+What's the essential thing the blockchain solves
+</p>
+</div>
+
+<div id="slide-34-1" class="outline-3">
+<h3 id="sec-34-1">non-repudiation</h3>
+</div>
+</div>
+
+<div id="slide-35" class="outline-2 slide">
+<h2 id="sec-35">Learn by example</h2>
+<div class="outline-text-2" id="text-35">
+
+<div class="figure">
+<p><img src="./images/mall_logo1_medium-300x286.png" alt="mall_logo1_medium-300x286.png" class="pad-right" align="left" />
+</p>
+</div>
+</div>
+
+<ul class="org-ul"><li><a id="sec-35-0-0-1" name="sec-35-0-0-1"></a>The tire fire that is X.509 <sup><a id="fnr.16" name="fnr.16" class="footref" href="#references">16</a></sup><br /></li>
+<li><a id="sec-35-0-0-2" name="sec-35-0-0-2"></a>MiTM on the internet <sup><a id="fnr.17" name="fnr.17" class="footref" href="#references">17</a></sup><br /><ul class="org-ul"><li><a id="sec-35-0-0-2-1" name="sec-35-0-0-2-1"></a>4.0% of Firefox update connections<br /></li>
+<li><a id="sec-35-0-0-2-2" name="sec-35-0-0-2-2"></a>6.2% of e-commerce connections<br /></li>
+<li><a id="sec-35-0-0-2-3" name="sec-35-0-0-2-3"></a>10.9% of U.S. Cloudflare connections<br /></li></ul>
+</li></ul>
+</div>
+
+<div id="slide-36" class="outline-2 slide">
+<h2 id="sec-36">Certificate Transparency</h2>
+<div class="outline-text-2" id="text-36">
+</div><div id="slide-36-1" class="outline-3">
+<h3 id="sec-36-1">Use append-only logs to record certificate signatures <sup><a id="fnr.18" name="fnr.18" class="footref" href="#references">18</a></sup></h3>
+<div class="outline-text-3" id="text-36-1">
+</div><ul class="org-ul"><li><a id="sec-36-1-0-1" name="sec-36-1-0-1"></a>Early detection of misissued certificates, malicious certificates, and rogue CAs.<br /></li>
+<li><a id="sec-36-1-0-2" name="sec-36-1-0-2"></a>Faster mitigation after suspect certificates or CAs are detected.<br /></li>
+<li><a id="sec-36-1-0-3" name="sec-36-1-0-3"></a>Better oversight of the entire TLS/SSL system.<br /></li></ul>
+</div>
+<div id="slide-36-2" class="outline-3">
+<h3 id="sec-36-2">Browser support</h3>
+<div class="outline-text-3" id="text-36-2">
+</div><ul class="org-ul"><li><a id="sec-36-2-0-1" name="sec-36-2-0-1"></a>Chrome <sup><a id="fnr.19" name="fnr.19" class="footref" href="#references">19</a></sup><br /></li>
+<li><a id="sec-36-2-0-2" name="sec-36-2-0-2"></a>Firefox <sup><a id="fnr.20" name="fnr.20" class="footref" href="#references">20</a></sup><br /></li></ul>
+</div>
+<div id="slide-36-3" class="outline-3">
+<h3 id="sec-36-3">Ongoing concerns and discussion <sup><a id="fnr.21" name="fnr.21" class="footref" href="#references">21</a></sup></h3>
+<div class="outline-text-3" id="text-36-3">
+</div><ul class="org-ul"><li><a id="sec-36-3-0-1" name="sec-36-3-0-1"></a>RFC 6962 <sup><a id="fnr.22" name="fnr.22" class="footref" href="#references">22</a></sup><br /></li></ul>
+</div>
+</div>
+
+<div id="slide-37" class="outline-2 slide">
+<h2 id="sec-37">Append-only logs</h2>
+<div class="outline-text-2" id="text-37">
+</div><div id="slide-37-1" class="outline-3">
+<h3 id="sec-37-1">Merkle Trees <sup><a id="fnr.23" name="fnr.23" class="footref" href="#references">23</a></sup></h3>
+<div class="outline-text-3" id="text-37-1">
+<p>
+Tree of hashes, provides log(n) performance
+</p>
+</div>
+</div>
+<div id="slide-37-2" class="outline-3">
+<h3 id="sec-37-2">eXtended Merkle Signature Scheme (XMSS) <sup><a id="fnr.24" name="fnr.24" class="footref" href="#references">24</a></sup></h3>
+<div class="outline-text-3" id="text-37-2">
+<p>
+Requires maintaining state (not portable)
+</p>
+</div>
+</div>
+<div id="slide-37-3" class="outline-3">
+<h3 id="sec-37-3">SPHINCS <sup><a id="fnr.25" name="fnr.25" class="footref" href="#references">25</a></sup></h3>
+<div class="outline-text-3" id="text-37-3">
+<p>
+Stateless <sup><a id="fnr.26" name="fnr.26" class="footref" href="#references">26</a></sup>
+</p>
+</div>
+</div>
+</div>
+
+<div id="slide-38" class="outline-2 slide">
+<h2 id="sec-38">Generic use of append-only logs</h2>
+<div class="outline-text-2" id="text-38">
+</div><div id="slide-38-1" class="outline-3">
+<h3 id="sec-38-1">Trillian <sup><a id="fnr.27" name="fnr.27" class="footref" href="#references">27</a></sup></h3>
+<div class="outline-text-3" id="text-38-1">
+<p>
+Merkle tree based
+</p>
+</div>
+</div>
+<div id="slide-38-2" class="outline-3">
+<h3 id="sec-38-2">Cothority <sup><a id="fnr.28" name="fnr.28" class="footref" href="#references">28</a></sup></h3>
+<div class="outline-text-3" id="text-38-2">
+<p>
+Multi-party cryptographic signatures to avoid backdoors
+</p>
+</div>
+</div>
+<div id="slide-38-3" class="outline-3">
+<h3 id="sec-38-3">Codehash <sup><a id="fnr.29" name="fnr.29" class="footref" href="#references">29</a></sup></h3>
+<div class="outline-text-3" id="text-38-3">
+<p>
+A simple oracle that answers a simple question: is this software safe to install and run? <sup><a id="fnr.30" name="fnr.30" class="footref" href="#references">30</a></sup>
+</p>
+</div>
+</div>
+</div>
+
+<div id="slide-39" class="outline-2 slide">
+<h2 id="sec-39">Challenges</h2>
+<div class="outline-text-2" id="text-39">
+</div><div id="slide-39-1" class="outline-3">
+<h3 id="sec-39-1">Toxic Data</h3>
+<div class="outline-text-3" id="text-39-1">
+</div><ul class="org-ul"><li><a id="sec-39-1-0-1" name="sec-39-1-0-1"></a>Allow deletion? Possible vulnerabilities in allowing log altering<br /></li>
+<li><a id="sec-39-1-0-2" name="sec-39-1-0-2"></a>Prohibit deletion? Permanent toxicity: no way to be forgotten<br /></li></ul>
+</div>
+<div id="slide-39-2" class="outline-3">
+<h3 id="sec-39-2">Spam</h3>
+<div class="outline-text-3" id="text-39-2">
+</div><ul class="org-ul"><li><a id="sec-39-2-0-1" name="sec-39-2-0-1"></a>Open log with arbitrary input data?<br /></li>
+<li><a id="sec-39-2-0-2" name="sec-39-2-0-2"></a>vs. CT only allowing root authorities?<br /></li></ul>
+</div>
+<div id="slide-39-3" class="outline-3">
+<h3 id="sec-39-3">Astroturfing</h3>
+<div class="outline-text-3" id="text-39-3">
+</div><ul class="org-ul"><li><a id="sec-39-3-0-1" name="sec-39-3-0-1"></a>Can the network be overwhelmed?<br /></li>
+<li><a id="sec-39-3-0-2" name="sec-39-3-0-2"></a>vs. Is the personal vantage point immune?<br /></li></ul>
+</div>
+<div id="slide-39-4" class="outline-3">
+<h3 id="sec-39-4">Writing crypto safe code is difficult</h3>
+</div>
+</div>
+
+<div id="slide-40" class="outline-2 slide">
+<h2 id="sec-40">Best Practices</h2>
+<div class="outline-text-2" id="text-40">
+</div><div id="slide-40-1" class="outline-3">
+<h3 id="sec-40-1">Free Software with Complete and Corresponding Source</h3>
+</div>
+<div id="slide-40-2" class="outline-3">
+<h3 id="sec-40-2">Code review</h3>
+<div class="outline-text-3" id="text-40-2">
+</div><ul class="org-ul"><li><a id="sec-40-2-0-1" name="sec-40-2-0-1"></a>Avoid the OpenSSL problem<br /></li></ul>
+</div>
+<div id="slide-40-3" class="outline-3">
+<h3 id="sec-40-3">Reproducible builds</h3>
+</div>
+<div id="slide-40-4" class="outline-3">
+<h3 id="sec-40-4">Automated, Continuous integration</h3>
+<div class="outline-text-3" id="text-40-4">
+</div><ul class="org-ul"><li><a id="sec-40-4-0-1" name="sec-40-4-0-1"></a>static analysis (ASAN)<br /></li>
+<li><a id="sec-40-4-0-2" name="sec-40-4-0-2"></a>coverage<br /></li>
+<li><a id="sec-40-4-0-3" name="sec-40-4-0-3"></a>fuzzing<br /></li>
+<li><a id="sec-40-4-0-4" name="sec-40-4-0-4"></a>tests against threats<br /></li></ul>
+</div>
+<div id="slide-40-5" class="outline-3">
+<h3 id="sec-40-5">As a developer you do NOT want to be a target</h3>
+<div class="outline-text-3" id="text-40-5">
+</div><ul class="org-ul"><li><a id="sec-40-5-0-1" name="sec-40-5-0-1"></a>want to do be right by your users<br /></li>
+<li><a id="sec-40-5-0-2" name="sec-40-5-0-2"></a>the checks & balances keep developers from being vulnerable<br /></li></ul>
+</div>
+</div>
+
+<div id="slide-41" class="outline-2 slide">
+<h2 id="sec-41">Shape of the solution (part 2/2)</h2>
+<div class="outline-text-2" id="text-41">
+</div><div id="slide-41-1" class="outline-3">
+<h3 id="sec-41-1">Research similar work</h3>
+<div class="outline-text-3" id="text-41-1">
+</div><ul class="org-ul"><li><a id="sec-41-1-0-1" name="sec-41-1-0-1"></a>append-only log alternatives<br /></li>
+<li><a id="sec-41-1-0-2" name="sec-41-1-0-2"></a>Application Transparency<br /></li>
+<li><a id="sec-41-1-0-3" name="sec-41-1-0-3"></a>Binary Transparency <sup><a id="fnr.31" name="fnr.31" class="footref" href="#references">31</a></sup><br /></li></ul>
+</div>
+<div id="slide-41-2" class="outline-3">
+<h3 id="sec-41-2">Address the Challenges</h3>
+</div>
+<div id="slide-41-3" class="outline-3">
+<h3 id="sec-41-3">Use Best Practices</h3>
+</div>
+<div id="slide-41-4" class="outline-3">
+<h3 id="sec-41-4">Under the umbrella of a fiscal sponsorship organization</h3>
+<div class="outline-text-3" id="text-41-4">
+</div><ul class="org-ul"><li><a id="sec-41-4-0-1" name="sec-41-4-0-1"></a>Governance review<br /></li></ul>
+</div>
+</div>
+
+<div id="slide-42" class="outline-2 slide">
+<h2 id="sec-42">Software Freedom Conservancy</h2>
+<div class="outline-text-2" id="text-42">
+<p>
+Why you should support Conservancy:
+</p>
+</div>
+
+<div id="slide-42-1" class="outline-3">
+<h3 id="sec-42-1">🌲 supports diversity and is home to Outreachy <sup><a id="fnr.32" name="fnr.32" class="footref" href="#references">32</a></sup></h3>
+</div>
+<div id="slide-42-2" class="outline-3">
+<h3 id="sec-42-2">🌲 helps hackers: ContractPatch <sup><a id="fnr.33" name="fnr.33" class="footref" href="#references">33</a></sup></h3>
+</div>
+<div id="slide-42-3" class="outline-3">
+<h3 id="sec-42-3">🌲 is a 501(c)3 charity supported by individuals <sup><a id="fnr.34" name="fnr.34" class="footref" href="#references">34</a></sup></h3>
+<div class="outline-text-3" id="text-42-3">
+</div><div id="slide-42-3-1" class="outline-4">
+<h4 id="sec-42-3-1">Please join today!</h4>
+<div class="outline-text-4" id="text-42-3-1">
+<p>
+<a href="https://sfconservancy.org/">https://sfconservancy.org/</a>
+</p>
+
+<p>
+<b>disclaimer: I'm on the Conservancy Evaluation Committee</b>
+</p>
+</div>
+</div>
+</div>
+</div>
+
+<div id="slide-43" class="outline-2 slide">
+<h2 id="sec-43">Possible first use case: Debian</h2>
+<div class="outline-text-2" id="text-43">
+<p>
+Protect against compromised repositories
+</p>
+</div>
+
+<div id="slide-43-1" class="outline-3">
+<h3 id="sec-43-1">On package publication (by the Debian project)</h3>
+<div class="outline-text-3" id="text-43-1">
+</div><ul class="org-ul"><li><a id="sec-43-1-0-1" name="sec-43-1-0-1"></a>put package signature into an append-only log<br /></li></ul>
+</div>
+<div id="slide-43-2" class="outline-3">
+<h3 id="sec-43-2">On package installation (by the user, via apt-get plugin)</h3>
+<div class="outline-text-3" id="text-43-2">
+</div><ul class="org-ul"><li><a id="sec-43-2-0-1" name="sec-43-2-0-1"></a>verify package signatures with the log<br /></li>
+<li><a id="sec-43-2-0-2" name="sec-43-2-0-2"></a>publish suspicious checksum to an auditor<br /></li>
+<li><a id="sec-43-2-0-3" name="sec-43-2-0-3"></a>option to not install mismatched packages<br /></li></ul>
+</div>
+</div>
+
+<div id="slide-44" class="outline-2 slide">
+<h2 id="sec-44">Why talk trust at LibrePlanet?</h2>
+<div class="outline-text-2" id="text-44">
+</div><div id="slide-44-1" class="outline-3">
+<h3 id="sec-44-1">Because of the people in this room!</h3>
+<div class="outline-text-3" id="text-44-1">
+</div><ul class="org-ul"><li><a id="sec-44-1-0-1" name="sec-44-1-0-1"></a>We understand the tech<br /></li>
+<li><a id="sec-44-1-0-2" name="sec-44-1-0-2"></a>We understand why trust matters to end users<br /></li>
+<li><a id="sec-44-1-0-3" name="sec-44-1-0-3"></a>We are the peer reviewers<br /></li></ul>
+</div>
+<div id="slide-44-2" class="outline-3">
+<h3 id="sec-44-2">Need to reach more than just developers…</h3>
+<div class="outline-text-3" id="text-44-2">
+</div><ul class="org-ul"><li><a id="sec-44-2-0-1" name="sec-44-2-0-1"></a>User experience experts<br /></li>
+<li><a id="sec-44-2-0-2" name="sec-44-2-0-2"></a>Lawyers: How to reprise the "hack on copyright" to protect network services<br /></li>
+<li><a id="sec-44-2-0-3" name="sec-44-2-0-3"></a>Activists: Help end users understand and care!<br /></li></ul>
+</div>
+</div>
+
+<div id="slide-45" class="outline-2 slide">
+<h2 id="sec-45">Q/A & Where we go from here</h2>
+<div class="outline-text-2" id="text-45">
+</div><div id="slide-45-1" class="outline-3">
+<h3 id="sec-45-1">Call to action: Join the [trust-api] mailing list</h3>
+<div class="outline-text-3" id="text-45-1">
+<p>
+<a href="http://lists.info9.net/mailman/listinfo/trust-api">http://lists.info9.net/mailman/listinfo/trust-api</a>
+</p>
+</div>
+</div>
+<div id="slide-45-2" class="outline-3">
+<h3 id="sec-45-2">Cuddles asks a question??? <sup><a id="fnr.35" name="fnr.35" class="footref" href="#references">35</a></sup></h3>
+<div class="outline-text-3" id="text-45-2">
+
+<div class="figure">
+<p><img src="./images/cuddles-qa.jpg" alt="Cuddles" align="center" />
+</p>
+</div>
+</div>
+</div>
+</div>
+
+<div id="references" class="outline-2 slide">
+<h2 id="sec-46">References</h2>
+<div class="outline-text-2" id="text-46">
+<p>
+Footnote references (press 's' for scrollbars)
+</p>
+<input type="button" value="◁" onclick="window.history.back()"/>
+<ol>
+
+<li id="fn:1"> <a href="https://sfconservancy.org/blog/2016/dec/29/software-freedom-after-trump/">https://sfconservancy.org/blog/2016/dec/29/software-freedom-after-trump/</a>
+
+<li id="fn:2"> See 48:35 in r0ml's talk on how the minority of GitHub projects actually have a license:
+<a href="https://www.youtube.com/watch?v=i3nJR7PNgI4&feature=youtu.be&t=2915">https://www.youtube.com/watch?v=i3nJR7PNgI4&feature=youtu.be&t=2915</a>
+
+<li id="fn:3"> <a href="https://www.youtube.com/watch?v=i3nJR7PNgI4">https://www.youtube.com/watch?v=i3nJR7PNgI4</a>
+
+<li id="fn:4"> <a href="https://www.nytimes.com/2017/03/13/business/energy-environment/brooklyn-solar-grid-energy-trading.html">https://www.nytimes.com/2017/03/13/business/energy-environment/brooklyn-solar-grid-energy-trading.html</a>
+
+<li id="fn:5"> <a href="http://www.usatoday.com/story/tech/news/2017/03/06/mapping-software-routing-waze-google-traffic-calming-algorithmsi/98588980/">http://www.usatoday.com/story/tech/news/2017/03/06/mapping-software-routing-waze-google-traffic-calming-algorithmsi/98588980/</a>
+
+<li id="fn:6"> <a href="https://archive.fosdem.org/2014/schedule/event/network_freedom/">https://archive.fosdem.org/2014/schedule/event/network_freedom/</a>
+
+<li id="fn:7"> <a href="https://evil32.com/">https://evil32.com/</a>
+
+<li id="fn:8"> <a href="https://bitcoin.org/en/">https://bitcoin.org/en/</a>
+
+<li id="fn:9"> <a href="https://www.hyperledger.org/">https://www.hyperledger.org/</a>
+
+<li id="fn:10"> <a href="https://www.ethereum.org/">https://www.ethereum.org/</a>
+
+<li id="fn:11"> <a href="https://z.cash/">https://z.cash/</a>
+
+<li id="fn:12"> <a href="http://dogecoin.com/">http://dogecoin.com/</a>
+
+<li id="fn:13"> <a href="http://www.abc.net.au/news/2015-10-06/quiggin-bitcoins-are-a-waste-of-energy/6827940">http://www.abc.net.au/news/2015-10-06/quiggin-bitcoins-are-a-waste-of-energy/6827940</a>
+
+<li id="fn:14"> <a href="https://www.bitcoinmining.com/is-bitcoin-mining-waste-electricity/">https://www.bitcoinmining.com/is-bitcoin-mining-waste-electricity/</a>
+
+<li id="fn:15"> <a href="http://www.news.com.au/technology/environment/natural-wonders/before-and-after-great-barrier-reef-photos-expose-shocking-realities-of-coral-bleaching/news-story/527d7599f160532474b27f1ca26fdbfc">http://www.news.com.au/technology/environment/natural-wonders/before-and-after-great-barrier-reef-photos-expose-shocking-realities-of-coral-bleaching/news-story/527d7599f160532474b27f1ca26fdbfc</a>
+
+<li id="fn:16"> Security Now, Epsiode #599
+<a href="https://www.grc.com/securitynow.htm">https://www.grc.com/securitynow.htm</a>
+
+<li id="fn:17"> <a href="https://jhalderm.com/pub/papers/interception-ndss17.pdf">https://jhalderm.com/pub/papers/interception-ndss17.pdf</a>
+
+<li id="fn:18"> <a href="https://www.certificate-transparency.org/">https://www.certificate-transparency.org/</a>
+
+<li id="fn:19"> <a href="https://www.thesslstore.com/blog/google-chrome-certificate-transparency-2017/">https://www.thesslstore.com/blog/google-chrome-certificate-transparency-2017/</a>
+
+<li id="fn:20"> <a href="https://www.thesslstore.com/blog/firefox-certificate-transparency/">https://www.thesslstore.com/blog/firefox-certificate-transparency/</a>
+
+<li id="fn:21"> <a href="https://www.ietf.org/mailman/listinfo/trans">https://www.ietf.org/mailman/listinfo/trans</a>
+
+<li id="fn:22"> <a href="https://datatracker.ietf.org/doc/rfc6962/">https://datatracker.ietf.org/doc/rfc6962/</a>
+
+<li id="fn:23"> <a href="https://en.wikipedia.org/wiki/Merkle_tree">https://en.wikipedia.org/wiki/Merkle_tree</a>
+
+<li id="fn:24"> <a href="https://eprint.iacr.org/2011/484.pdf">https://eprint.iacr.org/2011/484.pdf</a>
+
+<li id="fn:25"> <a href="https://sphincs.cr.yp.to/">https://sphincs.cr.yp.to/</a>
+
+<li id="fn:26"> <a href="https://cryptoservices.github.io/quantum/2015/12/08/XMSS-and-SPHINCS.html">https://cryptoservices.github.io/quantum/2015/12/08/XMSS-and-SPHINCS.html</a>
+
+<li id="fn:27"> <a href="https://github.com/google/trillian">https://github.com/google/trillian</a>
+
+<li id="fn:28"> <a href="https://boingboing.net/2016/03/10/using-distributed-code-signatu.html">https://boingboing.net/2016/03/10/using-distributed-code-signatu.html</a>
+
+<li id="fn:29"> <a href="https://github.com/rootkovska/codehash.db">https://github.com/rootkovska/codehash.db</a>
+
+<li id="fn:30"> <a href="https://secure-os.org/pipermail/desktops/2016-November/000143.html">https://secure-os.org/pipermail/desktops/2016-November/000143.html</a>
+
+<li id="fn:31"> <a href="https://github.com/FreeBSDFoundation/binary-transparency-notes">https://github.com/FreeBSDFoundation/binary-transparency-notes</a>
+
+<li id="fn:32"> <a href="https://www.gnome.org/outreachy/">https://www.gnome.org/outreachy/</a>
+
+<li id="fn:33"> <a href="https://sfconservancy.org/blog/?tag=ContractPatch">https://sfconservancy.org/blog/?tag=ContractPatch</a>
+
+<li id="fn:34"> <a href="https://sfconservancy.org/supporter/">https://sfconservancy.org/supporter/</a>
+
+<li id="fn:35"> cuddles: Copyright © 2017 Tom Marble, CC-by-sa 4.0</ol>
+</div>
+</div>
+
+
+<!-- Place the following snippet at the bottom of the deck container. -->
+<p class="deck-status" aria-role="status">
+ <span class="deck-status-current"></span>
+ /
+ <span class="deck-status-total"></span>
+</p>
+
+<!-- Place the following snippet at the bottom of the deck container. -->
+<div aria-role="navigation">
+ <a href="#" class="deck-prev-link" title="Previous">←</a>
+ <a href="#" class="deck-next-link" title="Next">→</a>
+</div>
+
+<!-- Place the following snippet at the bottom of the deck container. -->
+<form action="." method="get" class="goto-form">
+ <label for="goto-slide">Go to slide:</label>
+ <input type="text" name="slidenum" id="goto-slide" list="goto-datalist">
+ <datalist id="goto-datalist"></datalist>
+ <input type="submit" value="Go">
+</form>
+
+</div>
+</body>
+</html>
projects / lp17-speaker-slides.git / blobdiff