Managing Identities in the FreedomBox

One of the primary goals of the FreedomBox project is to enforce its owner's and user's privacy, both in communication and data. For this reason, user and identity management is a core problem to address in the design.

There are a lot of options out there that might be worth considering. Still a lot of them are ongoing works in progress, related to a particular service, or have other limitations.

This page is aimed to define what features the user/identity management should have, and what tools/design can be used to achieve this goals.

This is a Work In Progress(tm). Please help refine this feature definition.



Using GnuPG

Using ?GnuPG as part of the solution has advantages:

But also drawbacks:

If this option is chosen, it will probably require a lot of work to build a more intuitive User Interface.


Here is a draft of one way to use GnuPG as the core identity management option.

tools to evaluate


The MonkeySphere project improves on ?TLS using a WOT (Web Of Trust), so monkeysphere seems to be a good candidate for use in the FreedomBox project.

PGP certificates and X.509 certificates

Monkeysphere can create a PGP certificate based on an existing X.509 certificate by extracting its RSA key.

There's a post on Stackoverflow about doing it the other way around, creating a X.509 cert based on a pgp-cert.

Bruno Harbulot wrote a Java class providing a PGP-X509 bridge.


A WebID is a way to uniquely identify a person, company, organisation, or other agent using a URI.

FOAF (Friend of a Friend)

The FOAF (Friend of a Friend) project is creating a Web of machine-readable pages describing people, the links between them and the things they create and do