Joseph Bonneau, one of the paper's authors, talked about this in the Stanford Computer (course EE380) during Autumn quarter.<p>The talk's abstract: <a href="http://ee380.stanford.edu/Abstracts/161130.html" rel="nofollow">http://ee380.stanford.edu/Abstracts/161130.html</a><p>A video: <a href="http://ee380.stanford.edu/Abstracts/161130-video.html" rel="nofollow">http://ee380.stanford.edu/Abstracts/161130-video.html</a><p>One thing I didn't understand, is that CONIKS is not something where clients can insert keys in an unrestricted manner: There is a gatekeeper (run by the service provider), who does some sort of testing/control before inserting a new key.
Google's Key Transparency project [1] is based on this.<p>[1] <a href="https://security.googleblog.com/2017/01/security-through-transparency.html?m=1" rel="nofollow">https://security.googleblog.com/2017/01/security-through-tra...</a>