Communicating public keys:  A functional specification

A functional specification tells us how the user uses it, what he sees, and what it does for him. It does not tell us how we manage to do it for him.

The problem is that you want to tell someone over the phone, or on a napkin, or face to face, information that will enable his client to securely obtain your public key and network location so that end to end secured communication can take place.

Also a chatroom's public key and network location.

We do not necessarily protect against security agencies figuring out which public key is talking to which public key. That issue is out of the scope of a functional specification, but we somewhat reduce the usefulness of this information by allowing people to have lots of public keys. So you probably have one key for activities that show your unusual sexual preference, another key for job related activities, another key for tax evasion related activities, another key for gun running, and yet another for attempts to overthrow the regime.

Face to face:

   Identifying information is nym, face, and location.

   Recipient looks up the nym, sees a bunch of faces grouped by
   geographic area.  Geographic are usually, but not necessarily, has
   some relation to users actual location, and may be very specific, or
   very broad.  It is a tree.  One guy may locate his face at the node
   "North America", another at the node New York, North America.  You
   may, of course, employ a well known cartoon character or movie star
   as your avatar instead of your actual face.   Fictional places are
   permitted, but to avoid filling the namespace, not on the tree that
   represents the real planet earth.



Over the phone.

   Recipient looks up phone number.  Finds a bunch of named keys
   associated with the phone number - usually one key or a quite small
   number of named keys.


Web or email.

   Send a link that contains a 256 bit identifier, but the UI should
   not show anyone the identifier.

The ordinary user by default finds himself using at least one key for face to face key introductions, a different key or keys for phone introductions, and yet more for web or email introductions. If he is clever and reads the manual, which no one will ever do, he can use the same key for multiple purposes.

All of these named keys have the same behavior when you click on them, they are intended to be perceived by the user as being the same sort of thing.

He can use the link, the named key, to attempt to contact, or buddy it, or bookmark it.

The identifying link information looks like a web link, and is the nickname of the public key. By default the nickname is the petname. The user is free to edit this, but usually does not.

When he attempts to contact, this automatically buddies it and/or bookmarks it.

When he finds a named key, he may "bookmark" it, together with one of his own private keys - it goes into a datastructure that looks like, and works like, browser bookmarks. He can also put it in his buddy list.

When you look at an item in your buddy list or bookmarks list, You see a pair, the other guys key identifying information, and your own key identifying information. You don't see the keys themselves, since they look like line noise and will terrify the average user.

When you click on one of these bookmarks, this creates a connection if your key is on the other guy's buddy list and he is online. You can chat, video, whatever, end to end secured. Otherwise, if you are not on his buddy list, or he is not presently online, you can send him something that is very like an email, but end to end secure.

When you send a bunch of people a text communication, chat like, chatroom like, or email like, they are cc or bcc. If cc, all recipients of the communication get links, which they can, if they feel so inclined, message, bookmark or buddy.

Text communication software vacuums up and stores all links, so if you get an incoming communication from someone whose public key you have not buddied or bookmarked, the software will tell you any past contacts you may have had with this public key.

Buddied public keys are white listed for immediate online communication, Bookmarked and buddied public keys are white listed for offline text communication, public keys with past information about contacts are grey listed, public keys with no previous contact information are blacklisted.

Because of automatic blacklisting, to contact, you have to /exchange/ keys.

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography

Reply via email to