On 23 August 2013 16:29, Nicolai <nicolai-liberationt...@chocolatine.org> wrote: > On Fri, Aug 23, 2013 at 01:53:59AM -0700, DC wrote: > >> My plan is to make make your email the hash of your public key. >> For example, my address is *nqkgpx6bqscsl...@scramble.io* >> (I borrowed this idea from Tor Hidden Services.) > > Cool idea. This is also similar to CurveCP and DNSCurve. For example: > > $ dig ns chocolatine.org +short > uz5qry75vfy162c239jgx7v2knkwb01g3d04qd4379s6mtcx2f0828.ns.chocolatine.org. > uz5cjwzs6zndm3gtcgzt1j74d0jrjnkm15wv681w6np9t1wy8s91g3.ns.chocolatine.org.
I feel compelled to point out the precedence here. This is a problem known as Zooko's Triangle: https://en.wikipedia.org/wiki/Zooko's_triangle Briefly it says, when giving names to members of a network: Secure, Decentralized, Memorable, pick 2. (Another good page on it seems to be http://shoestringfoundation.org/~bauerm/names/distnames.html ) SSL is Secure and Memorable, but highly centralized. (It is secure because you have to prove ownership of a name to get a certificate for it.) This technique is Secure and Decentralized - but not memorable. Off the top of my head, other techniques that make the same tradeoff are: - Tor Hidden Services, as you mentioned - SSH & OpenPGP fingerprints (here's my fingerprint, no matter where you find it, that's my identifier) - YURLs http://www.waterken.com/dev/YURL/httpsy/ - From the above URL: Freenet's CHKs, Mnet's mnetids, Chord's keys, Freenet's SSKs, SPKI's certificates For very technical audiences, I've thought these things are all right, because we tend to be fine copy/pasting around opaque strings of gibberish; but for 'normal' people it just felt too weird. I kind of wonder with the advent and integration of QR scanners, these scheme might gain more traction. It'd be worth trialing one of these and seeing how it goes. -tom -- Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
