Hi,

On Mon, Jan 20, 2014 at 03:13:42PM +0400, Yuriy Kaminskiy wrote:
> FWIW, I quickly looked at pbp [python? hate-hate-hate], it apparently has
> nearly same design defect: it uses long-term curve25519 keypair for message
> encryption. Unlike pcp, it does not include sender identification in message,
> receiver must try all public keys in her keyring.

Nope, the sender's public key is included by pbp with the encrypted message. Since yesterday pcp does the same. However, I use a dynamic keypair on the sender side now. I'm currently in the process of changing the encrypted output format of pcp to match the one of pbp.

> It is not easy to mess up with crypto - it is /extremely/ easy :-(
>
> And that's why it is important to point out at mistakes early on, without any
> mercy :-)

Absolutely. Speaking of mistakes: I even had a note in the manpage where I mentioned that it might be a bad idea to include the key-id with encrypted messages, though I totally forgot it :) Oh - and I didn't really include the key-ids, but a hash from it instead. However, this has already been changed.

> PPS
> === cut platform.h ===
> #ifndef HAVE_ARC4RANDOM_BUF
> // shitty OS. we're using libsodium's implementation
> === cut ===
> LOL, I'm glad I'm on "shitty OS"

Well, now you know, I don't like Linux :)

best regards,
Tom
