Sorry for the slow turnaround, I've been doing way too much work and spending most of my spare time trying to figure out how GnuPG and Python-GnuPG differentiate between "this signature is mathematically self-authenticating" and "this signer is within my web of trust" - it's unclear from the documentation how to tease apart those concepts. I still have some key signing and verifying tests I need to do though. Guess it's time to generate lots of entropy by watching YouTube videos of otters holding hands.
The following is a poor-etiquette multi-reply, apologies. On Wed, 11 Apr 2012 23:08:28 +0200, Michael Rauch wrote: > by encrypting and signing the message you get end-to-end confidentiality > and integrity of payload+destination between A and B (step 1. and 2.). > > what is the purpose of step 3? is the intent to only relay messages for > friends (trusted entities) and if so, what is gained and lost with that > approach? Nice job identifying the purpose behind each step. I included step 3 so that A's message to B could pass through any number of proxies who trust neither A nor B (only the first and last proxies need to trust A and B, respectively). The idea is to relay only messages that come from friends. This keeps any private Web-of-Trust nodes private. This allows me to publish my key and publicly sign other keys, but to also trust (yet never publish) some trust-relationships. Perhaps that particular trust relationship (pseudonymous or not) is sensitive information. Granted, these private trusts contribute nothing to the WoT but they are a useful privacy-protecting feature nonetheless. On Wed, Apr 11, 2012 at 2:11 PM, Charles N Wyble wrote: > Nick M. Daly wrote: >> If you want a "working" Santiago, check out the previous commits [1]. >> Things are kinda torn up right now and *will not work*. > > Branches? :) As soon as this feature is complete, it'll be feature complete enough to *have* a stable branch. ;) It'll also get documentation and unit testing. And a list of new features to develop. On Thu, 12 Apr 2012 09:16:32 -0700, Jack Wilborn wrote: > I was just curious if we are using the en/de encryption that the CPU has > internally or are we using software to do this? Just curious, hope we are > using the supplied hardware to handle this within the CPU. I don't think I understand your question. I ask the Python-software to perform the calculation, which it performs with the CPU (through pure magic, as far as I know). Are you asking "do we farm these calculations out to a math-coprocessor?" That's dependent on CPU architecture (IIRC?). Don't know if DreamPlug has one, but your standard x86 system will. Thanks for your time, Nick
pgpgNQsNHLtm5.pgp
Description: PGP signature
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
