On 10/04/2011 11:56 AM, Timur Mehrvarz wrote: > I really wish we could get to a point where we can trust the wireless > connection, reducing the number of steps needed for PGP based > "friedning", making the process more acceptable for 'regular people'.
i agree that it would be nice if this were possible. I'm just not sure
how we'd get there.
One thought: what about a point-to-point wired connection? That's
pretty easy for humans to physically inspect/verify, and wouldn't need
the additional optical verification check.
Is there such a standard connection for common handheld
computers/smartphones?
> But for as long as we do not fully trust the wireless connection - which
> is why we want to verify the key fingerprints - we cannot use it to
> coordinate/automate the verification process. I think.
I think untrusted wireless could be safely used for coordination and
automation of a key exchange handshake under two conditions:
0) it is clear what is happening to the device operator, and
1) the worst-case event that could happen from malicious wireless
interference is a visible failure-to-handshake
I haven't written up a precise spec for any automation like this, but it
seems plausible to me that a well-specified process could meet these
conditions.
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
