On 09/10/13 19:08, Peter Fairbrother wrote:
> The only assurance given by the scheme is that if a person gave you
> a hash which he generated himself, and you match it with a string and
> that string matches what you know about the person (eg their name or
> photo), then no-one else can have MTM'd it.

So what you have is a scheme that allows people who meet *in real life* to exchange keys. Why can't they just exchange an email address and shared password? Or the fingerprint of a GPG-key, it's shorter and must match the email address. Or hand out business cards with your public key in a QR code. If you meet in person, you've already eliminated all MitM attacks.

My scheme does the opposite. It allows *total strangers* to exchange keys securely over the internet.

The scheme uses a common interest website where people write signed messages. The site is the *introducer* of the strangers. The technical design with DNSSEC and a Certificate Transparency service detects MitM attacks by a hostile site. (It can't prevent it.)

*One* secure message is enough to create new channels. Once you have exchanged the key with a stranger, you can create other secure channels. Either direct messaging, chat, voice and video. You name it.

So far, the channels are only between two people. But once introduced via a web site, people will exchange other people's identities between friends, relatives, coworkers. Creating a web of connections, all encrypted with the TLS version du jour.

The beauty: the names are readable, human friendly, easy to give out and verify. The protocol does all the certificate validation.

Each web site that adopts this scheme works as an introducer. There is no central point to attack. So if the feds would block one site, you don't lose your already validated keys. You won't even lose the connections to other people if you have already established an independent message channel with most of them.

Regards, Guido Witmond.
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography