SSH key-based authentication is tried-and-true, but it lacks a true
Public Key Infrastructure for key certification, revocation and
expiration. Monkeysphere is a framework that uses the OpenPGP web of
trust for these PKI functions. It can be used in both directions: for
users to get validated host keys, and for hosts to authenticate users.
Submitted by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>