After you put the key server up, I would continue to look for decentralized ways with the hope of making the central keyserver the backup after a decentralized method doesn't work. A truly decentralized (and secure from MITM attack) comm network (especially in a hostile environment) is a holy grail. The problems of PKI are what are keeping it from being used much. So key exchange needs to be as painless and unconfusing as possible.
rearden On Mon, 26 Jun 2006 15:49:03 -0400 "K.S.Sreeram" <[EMAIL PROTECTED]> wrote: >David Barrett wrote: >> Granted, none of these are purely decentralized (well, maybe (5) >is, if >> you're on an ad-hoc wireless network). Ultimately you're using >DNS, SMTP, >> Jabber, or some other centralized protocol to make the exchange >happen. But >> that's a semantics debate. > >I finally decided to bite the bullet and implement a centralized >key >server, because it provides the best ease of use in the most >general >way. Ofcourse the central key server will be completely optional. >Those >who care can just resort to manually mailing their public keys to >each >other. > >How the central key server works: >When a user creates his RSA key, he registers his public key with >the >key server and receives a unique key-id (which is currently just >the >database table's row id). The key-id will be a simple number which >can >be more easily exchanged by users (thru phone or chat). >When adding a contact, the user can enter a key-id, and the public >key >will be automatically fetched from the key server. > >Regards >Sreeram Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485 _______________________________________________ p2p-hackers mailing list [EMAIL PROTECTED] http://lists.zooko.com/mailman/listinfo/p2p-hackers
