Aaron Harwood wrote:
> On 27/06/2006, at 5:49 AM, K.S.Sreeram wrote:
>> I finally decided to bite the bullet and implement a centralized key
>> server, because it provides the best ease of use in the most general
>> way. Of course the central key server will be completely optional. Those
>> who care can just resort to manually mailing their public keys to each
>> other.
>>
>> How the central key server works:
>> When a user creates his RSA key, he registers his public key with the
>> key server and receives a unique key-id (which is currently just the
>> database table's row id). The key-id will be a simple number which can
>> be more easily exchanged by users (thru phone or chat).
>> When adding a contact, the user can enter a key-id, and the public key
>> will be automatically fetched from the key server.
>
> Sounds like you could think about implementing this server functionality
> into all of the peers, i.e. every user runs their own key server, and then
> key servers interconnect in some way; as David was suggesting in detail.
>
> BTW: I think dynamic DNS works similarly to what you are proposing,
> especially in the case that users want to change their keys with some
> regularity.
> Also, if you use _simple_ key-id numbers then people could guess valid
> numbers?
> It might be better to make it a pass phrase if you want people to easily
> exchange it through phone or chat.

The key server is used to fetch the user's public key *only* when adding
a contact. The key server is not used at any other time, in particular
it's not used when establishing a secure channel for communication.
Also the key server is optional, the user can manually email his public
key to his friends, and they can directly add the public key to their
contact list.

Given this scenario, I wanted the simplest possible solution, and
creating a new overlay network of key servers seems like a research
problem in itself! :)

Btw, this entire project has been open-sourced, and is available at
http://cspace.in

regards
[sreeram;]

_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
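
The guessability point raised in the thread, as an added example (not code from CSpace or from either poster): an in-memory stand-in for the key server compares row-id key-ids with random word-phrase key-ids. The `KeyServer` class, the 16-word list and the four-word phrase length are assumptions made for illustration.

```python
import math
import secrets

# Constructed 16-word list (assumption); a deployed list would be much larger.
WORDS = ["amber", "birch", "cedar", "delta", "ember", "flint", "grove", "heron",
         "ivory", "jade", "kelp", "lumen", "maple", "nova", "opal", "pine"]
WORDS_PER_ID = 4

def new_phrase():
    """Random spoken key-id, e.g. 'opal-birch-nova-jade'."""
    return "-".join(secrets.choice(WORDS) for _ in range(WORDS_PER_ID))

class KeyServer:
    """Hypothetical in-memory stand-in for the key server: key-id -> public key."""
    def __init__(self, scheme):
        self.scheme = scheme              # "rowid" or "phrase"
        self.keys = {}

    def register(self, public_key):
        if self.scheme == "rowid":
            key_id = str(len(self.keys) + 1)   # row id, as in the post
        else:
            key_id = new_phrase()
            while key_id in self.keys:         # retry on the rare collision
                key_id = new_phrase()
        self.keys[key_id] = public_key
        return key_id

    def fetch(self, key_id):
        return self.keys.get(key_id)

def hit_rate(server, candidates):
    """Fraction of candidate key-ids that resolve to a registered key."""
    candidates = list(candidates)
    return sum(server.fetch(c) is not None for c in candidates) / len(candidates)

def phrase_bits(wordlist_size=len(WORDS), words=WORDS_PER_ID):
    """Entropy in bits of a uniformly random phrase key-id."""
    return words * math.log2(wordlist_size)

def compare(users=20):
    rowid, phrase = KeyServer("rowid"), KeyServer("phrase")
    for n in range(users):
        rowid.register(f"constructed-public-key-{n}")
        phrase.register(f"constructed-public-key-{n}")
    counting = hit_rate(rowid, (str(i) for i in range(1, users + 1)))
    per_guess = users / len(WORDS) ** WORDS_PER_ID   # chance one random phrase hits
    return counting, per_guess, phrase_bits()

if __name__ == "__main__":
    print(compare())
```

With row ids, counting upward resolves every registered key; with phrases, the per-guess hit chance is the number of registered users divided by the size of the phrase space, so the word list size and phrase length set how guessable an id is.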
