client identified only by identity key.
client POST to
- /register - send id key, create account
- /token - give google cloud messaging token
- /poll - get list of pictures to get
- /get - get 1 picture
- /delete - delete picture from server
also
- /put - send picture to other user (must know identity key of user)
- /status - is picture i sent delivered or not
https://github.com/archiebell/showme/blob/master/server/main.py#L26
https://github.com/archiebell/showme/blob/master/server/v1api.py#L236
uses rocksdb database, python twisted. don't know how scales.
client <-> server protocol
client uses random client certificate to connect to server.
sends json for every request:
{
identity key - client identity key
timestamp - https://github.com/archiebell/showme/blob/master/server/v1api.py#L20
data - picture client is /put-ting or list of picture id's to get /status of
sig_version - 1
client_cert_hex - fingerprint of random client cert in handshake
signature - with identity key over sig_version + timestamp + client_cert_hex
}
server matches client cert in handshake to signature. client cert is bad
bad bad but no other way to bind identity key to tls channel.
https://github.com/archiebell/showme#tls
maybe design is all bad. defending against tls break too hard.
Quoting Nathan of Guardian <[email protected]>:
Archie,
Thanks for sharing this. Posting it publicly on Guardian-Dev is probably
the best route forward. We have a lot of work on our plate, and existing
commitments to fulfill, it is hard sometimes to manage all the new
things popping up.
This looks like an impressive amount of work, and worth someone's time to
explore and consider.
Can you tell me a bit more how the server-side works? Is it using some
kind of existing protocol, or just a RESTful API of some kind?
Thanks!
On Fri, Feb 17, 2017, at 12:42 AM, [email protected] wrote:
i write android app for encrypted photos
https://github.com/archiebell/showme
try to give code to tor, guardian project, send emails for months, no
reply. i post here. you can take code. i cannot run server or put app
on store, you can
want to know if anyone want app, and i keep coding
-------------------------------------------------
ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of
the NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features!
15GB disk! No bandwidth quotas!
Commercial and Bulk Mail Options!
_______________________________________________
List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
To unsubscribe, email: [email protected]
--
Nathan of Guardian
[email protected]
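The server-side check described at the top of this thread (match the client cert seen in the TLS handshake against the fingerprint the identity key signed), as an added example that is not code from the thread or from the showme repository. Assumptions: the fingerprint is hex SHA-256 of the DER cert, the timestamp is integer Unix seconds with a 300 second window, the signed fields are concatenated as strings, the field is named `identity_key`, and an HMAC stands in for the identity-key signature because the thread does not name the algorithm; all function names are hypothetical.

```python
import hashlib, hmac, time

MAX_SKEW = 300  # assumption: seconds of clock skew the server tolerates

def fingerprint(cert_der):
    # Assumption: fingerprint is hex SHA-256 over the DER-encoded certificate.
    return hashlib.sha256(cert_der).hexdigest()

def signed_bytes(req):
    # Covered fields per the thread: sig_version + timestamp + client_cert_hex.
    # Assumption: they are joined as strings with no separator.
    return f"{req['sig_version']}{req['timestamp']}{req['client_cert_hex']}".encode()

def standin_sign(key, msg):
    # Stand-in only: HMAC replaces the identity-key signature for this demo.
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def standin_verify(key, msg, sig):
    return hmac.compare_digest(standin_sign(key, msg), sig)

def build_request(key, cert_der, now, data=None):
    # Client side: sign the fingerprint of the cert it will present in TLS.
    req = {"identity_key": key, "timestamp": int(now), "data": data,
           "sig_version": 1, "client_cert_hex": fingerprint(cert_der)}
    req["signature"] = standin_sign(key, signed_bytes(req))
    return req

def check_request(req, peer_cert_der, verify_sig, now=None):
    # Server side: peer_cert_der is what the TLS stack saw in the handshake.
    now = time.time() if now is None else now
    if req.get("sig_version") != 1:
        return "unsupported sig_version"
    if abs(now - req["timestamp"]) > MAX_SKEW:
        return "stale timestamp"
    if not hmac.compare_digest(fingerprint(peer_cert_der), req["client_cert_hex"]):
        return "client cert does not match handshake"
    if not verify_sig(req["identity_key"], signed_bytes(req), req["signature"]):
        return "bad signature"
    return "ok"

if __name__ == "__main__":
    # Constructed sample values, not real keys or certificates.
    key, cert_a, cert_b = b"k" * 32, b"constructed-cert-A", b"constructed-cert-B"
    req = build_request(key, cert_a, now=1000)
    print(check_request(req, cert_a, standin_verify, now=1000))
    print(check_request(req, cert_b, standin_verify, now=1000))
```

The second call models the same signed request arriving over a TLS session that presented a different client cert, which is the case the binding is meant to reject.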