The keys are tied to the sip account used inside the app, the uuid is for example for sip:a...@sip2sip.info
The app generates these keys on the fly as they do not yet exists anywhere. Also one can replicate these keys among devices to make sure one can read them on all devices. If, when using the same identity as one’s email, for example then you would want to reuse an existing key, maybe? Considering the I start the client, I have a SIP account and want to talk to someone lets say leena...@example.com <mailto:leena...@example.com> I believe that is fine if I can retrieve the key prior to start a chat. But what is the benefit as at the destination one needs a compatible client as well and the moment you start it, it will generate a new key and exchange it automatically with the other end-point. So the user need not be aware about this key exchange, as knowing about it would introduce complexity (manage the key manually) So I am struggling with understanding the possible benefits of importing and exporting these keys in to an end-to-end delivery system that takes care automatically about this complexity. Adrian > On 24 Jun 2021, at 11:08, michiel...@nlnet.nl wrote: > > Signed PGP part > Hi Adrian, > >> Given that the keys can be used only inside the app, so one must have the >> app to make sue of the keys, and the app automatically manages these keys >> and exchange them, what would be the benefit of a lookup function in a >> public repository for keys? > > keys must be obtained in some way. You can of course get them directly from > your contacts, and there are a number of mechanisms you could use like > keyservers (e.g. https://keys.openpgp.org), Web Key Directory, DNS records > (OPENPGPKEY records), a service like Keyoxide (https://keyoxide.org) or just > plain from the website of your organisation > (https://nlnet.nl/people/leenaars.key). The more automated it is, the less > likely users are to use it. > > We are supporting some of these efforts as NLnet, so if you want to get in > touch let me know. > > Best, > Michiel > >>>>> * Implement message encryption using OpenPGP >>>> >>>> THis sounds great. Do you have more information on the implementation. Is >>>> it only MESSAGE or SIP messages in general? Have you implemented PGP key >>>> lookup somehow? >>> >>> Only SIP Message. >>> >>> We have not implement key lookup but it could be easily added, I suppose.. > > > -- > Support NLnet, the open internet and open source with just 5 minutes > of your time. Make a difference today. > > Visit: http://nlnet.nl/help (English) - http://nlnet.nl/ayuda (Espanol) > > - --------------------- > > Do you know people that have ideas to improve the internet? Or maybe you have > such an idea yourself? Check out what we can do for you at > https://nlnet.nl/propose and apply! > >
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Blink mailing list Blink@lists.ag-projects.com https://lists.ag-projects.com/mailman/listinfo/blink
