On 27/06/2006, at 5:49 AM, K.S.Sreeram wrote:

> David Barrett wrote:
>> Granted, none of these are purely decentralized (well, maybe (5) is, if
>> you're on an ad-hoc wireless network). Ultimately you're using DNS, SMTP,
>> Jabber, or some other centralized protocol to make the exchange happen. But
>> that's a semantics debate.
>
> I finally decided to bite the bullet and implement a centralized key
> server, because it provides the best ease of use in the most general
> way. Of course the central key server will be completely optional. Those
> who care can just resort to manually mailing their public keys to each
> other.
>
> How the central key server works:
>
> When a user creates his RSA key, he registers his public key with the
> key server and receives a unique key-id (which is currently just the
> database table's row id). The key-id will be a simple number which can
> be more easily exchanged by users (thru phone or chat).
>
> When adding a contact, the user can enter a key-id, and the public key
> will be automatically fetched from the key server.

Sounds like you could think about implementing this server functionality into all
of the peers, i.e. every user runs their own key server, and then key servers
interconnect in some way; as David was suggesting in detail.

BTW: I think dynamic DNS works similarly to what you are proposing, especially in
the case that users want to change their keys with some regularity.

Also, if you use _simple_ key-id numbers then people could guess valid numbers?
It might be better to make it a pass phrase if you want people to easily exchange it
through phone or chat.

-a
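
The two key-id schemes discussed in this message, the sequential row id and a random pass phrase, compared side by side. This is an added example, not code from the thread or from the project; the `KeyServer` class, its method names, the 16-word list and the sample keys are all constructed for illustration.

```python
import math
import secrets

# Constructed 16-word list for illustration; a deployed list would be far larger.
WORDS = ["amber", "birch", "cedar", "delta", "ember", "flint", "grove", "heron",
         "inlet", "jade", "kelp", "lotus", "maple", "north", "otter", "pearl"]

class KeyServer:
    """Hypothetical in-memory key server that issues both kinds of key-id."""

    def __init__(self, words_per_id=4):
        self.words_per_id = words_per_id
        self.by_row = {}     # sequential row id -> public key
        self.by_phrase = {}  # random pass phrase -> public key

    def register(self, public_key):
        row_id = len(self.by_row) + 1  # "just the database table's row id"
        self.by_row[row_id] = public_key
        while True:  # retry on the rare phrase collision
            phrase = " ".join(secrets.choice(WORDS) for _ in range(self.words_per_id))
            if phrase not in self.by_phrase:
                break
        self.by_phrase[phrase] = public_key
        return row_id, phrase

    def fetch_by_row(self, row_id):
        return self.by_row.get(row_id)

    def fetch_by_phrase(self, spoken):
        # Normalise case and spacing of an id relayed by phone or chat.
        return self.by_phrase.get(" ".join(spoken.lower().split()))

def id_space_bits(wordlist_size, words_per_id):
    """Bits of entropy in a uniformly random phrase id."""
    return words_per_id * math.log2(wordlist_size)

def valid_fraction_sequential(server, probes):
    """Share of the probed row ids that resolve to a registered key."""
    return sum(server.fetch_by_row(i) is not None for i in probes) / len(probes)

if __name__ == "__main__":
    srv = KeyServer()
    ids = [srv.register(f"constructed-public-key-{n}") for n in range(100)]
    print("row ids 1..100 that are valid:", valid_fraction_sequential(srv, range(1, 101)))
    print("phrase id for the first key:", ids[0][1])
    print("phrase id bits, 16-word list:", id_space_bits(len(WORDS), 4))
    print("phrase id bits, 2048-word list:", id_space_bits(2048, 4))
```

With row ids every number up to the current row count is valid, so the id itself tells a requester which other ids exist; a four-word phrase drawn from a 2048-word list has 44 bits and is still short enough to read out over the phone.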