Hi! Ego names are _locally_ unique for the individual user, not _globally_ within GNUnet. Not sure which kind of 'unique' you were asking about.
What you propose seems to be a migration path from GnuPG to GNS. In this context, I would suggest you should try to find out what pEp is doing: they have their own (way more complex) key management for e-mail encryption, and they are _also_ starting to integrate GNS with pEp. However, I don't know how/where/for what exactly they are integrating GNS with pEp. Still, it would likely be a good idea to talk to them, and to maybe look at Sequoia (https://sequoia-pgp.org/).

Happy hacking!

Christian

On 4/18/20 10:25 PM, TheJackiMonster wrote:
> Hey,
>
> I would like to add authentication and encryption to a chat-client with
> CADET. If I understood the docs correctly then the messages are only
> signed by the key from a peer.
>
> I thought I could use EGO for that but I'm not sure if the names get
> checked for doubles before creation of an ego. I would guess they
> aren't and if they weren't I would ask how some of you would think
> about this procedure:
>
> 1. Alice asks Bob for his public-PGP-key and his public-EGO-key.
> 2. Bob responds with his key.
> 3. Alice sends her public-PGP-key and related email-address of her
> PGP-keypair, encrypted with Bob's public-PGP-key.
> 4. Bob sends a mail encrypted with Alice's public-PGP-key and signed
> with his private-PGP-key. The content of the mail is a token only Alice
> can read.
> 5. Alice sends the token (only if it was Bob's signature) to Bob and
> her public-EGO-key, encrypted with Bob's public-EGO-key.
> 6. Bob sends (only if the token matches) a symmetric key back for
> further communication, encrypted with Alice's public-EGO-key and
> remembers Alice-EGO-key matching to her email-address.
>
> * So in later stages Alice would not need any email-traffic for
> verification her key belongs to her and she could use an EGO-key which
> could be deleted much safer to make sure of forward-secrecy.
>
> Maybe this is unnecessary or I miss a flaw in this model. So a response
> would be great then I could start implementing a solution.
>
> Best regards,
> Tobias Frisch
>
> PS: I would probably use GPGMe to implement the custom procedure
> because it has a pretty good API like GNUnet.
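
Added example (not part of the thread and not GNUnet, GPGME or pEp code): a Python sketch of the bookkeeping Bob would need for steps 4 to 6 of the quoted procedure, with the token single-use and time-limited and the result keyed by ego public key rather than ego name, since ego names are only locally unique. `BobVerifier`, `TOKEN_TTL` and the key strings are hypothetical, and the PGP mail and ego-key encryption of each message are assumed to happen outside this code.

```python
import hmac
import secrets
import time

TOKEN_TTL = 600  # seconds a mailed token stays valid (assumed value)


class BobVerifier:
    """Bob's state for steps 4-6; message encryption is handled elsewhere."""

    def __init__(self, now=time.time):
        self._now = now
        self._pending = {}   # email -> (token, expiry time)
        self.bindings = {}   # ego public key -> verified email address

    def issue_token(self, email):
        # Step 4: the token Bob mails to Alice (PGP-encrypted and signed).
        token = secrets.token_urlsafe(32)
        self._pending[email] = (token, self._now() + TOKEN_TTL)
        return token

    def redeem(self, email, token, ego_pubkey):
        # Steps 5-6: Alice returns the token together with her ego key.
        expected, expiry = self._pending.get(email, ("", 0.0))
        if self._now() > expiry:          # unknown email or expired token
            self._pending.pop(email, None)
            return False
        if not hmac.compare_digest(expected.encode(), token.encode()):
            return False
        del self._pending[email]          # single use: replays are rejected
        # Bind the public key, not the ego name: names are unique only per
        # user, so two different users may both have an ego called "alice".
        self.bindings[ego_pubkey] = email
        return True


def demo():
    clock = [1000.0]                      # fake clock so expiry is testable
    bob = BobVerifier(now=lambda: clock[0])
    alice_key, other_key = "a1" * 32, "b2" * 32   # constructed sample keys
    t = bob.issue_token("alice@example.org")
    results = [bob.redeem("alice@example.org", "guess", other_key)]  # wrong
    results.append(bob.redeem("alice@example.org", t, alice_key))    # valid
    results.append(bob.redeem("alice@example.org", t, other_key))    # replay
    t = bob.issue_token("alice@example.org")
    clock[0] += TOKEN_TTL + 1
    results.append(bob.redeem("alice@example.org", t, alice_key))    # expired
    return results, bob.bindings
```
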
