On 18 April 2015 at 00:51, Tony Arcieri wrote:
> On Fri, Apr 17, 2015 at 11:56 AM, Ron Garret wrote:
>>
>> The fact that to use PGP you have to install an application. (This is
>> true for Peerio as well.) That turns out to be too much friction for most
>> people. Whenever you have to install
On Apr 17, 2015, at 6:59 PM, Tony Arcieri wrote:
> On Fri, Apr 17, 2015 at 4:25 PM, Ron Garret wrote:
> Why should anyone trust anyone’s web page? When was the last time you
> obtained a software application that was *not* delivered via the web?
>
> There's a big difference between a web pag
On Fri, Apr 17, 2015 at 4:25 PM, Ron Garret wrote:
> Why should anyone trust anyone’s web page? When was the last time you
> obtained a software application that was *not* delivered via the web?
>
There's a big difference between a web page with JavaScript loaded in a
browser and a static artif
On Apr 17, 2015, at 3:51 PM, Tony Arcieri wrote:
> On Fri, Apr 17, 2015 at 11:56 AM, Ron Garret wrote:
> The fact that to use PGP you have to install an application. (This is true
> for Peerio as well.) That turns out to be too much friction for most people.
> Whenever you have to install
On Fri, Apr 17, 2015 at 11:56 AM, Ron Garret wrote:
> The fact that to use PGP you have to install an application. (This is
> true for Peerio as well.) That turns out to be too much friction for most
> people. Whenever you have to install an application you have to decide
> whether or not you
On Apr 17, 2015, at 12:32 PM, z...@manian.org wrote:
> I don't think this really solves any actual crypto problems.
Just to be clear, I’m not claiming to solve any actual crypto problems. I’m
claiming (or maybe “aiming” is a better word) to solve a UI/UX problem.
> I also suspect it's pretty
I don't think this really solves any actual crypto problems. I also suspect
it's pretty hard to solve any of the big problems while retaining this
level of simplicity. But I'm sure you'll learn stuff along the way. More
inline.
On Fri, Apr 17, 2015 at 12:04 PM, Ron Garret wrote:
>
> On Apr 17, 2
On Apr 17, 2015, at 12:04 PM, stef wrote:
> On Fri, Apr 17, 2015 at 11:56:48AM -0700, Ron Garret wrote:
>> On Apr 17, 2015, at 11:27 AM, Dominik Schuermann
>> wrote:
>>> what problem of traditional PGP implementations did you solve?
>>
>> The fact that to use PGP you have to install an applica
On Fri, Apr 17, 2015 at 11:56:48AM -0700, Ron Garret wrote:
> On Apr 17, 2015, at 11:27 AM, Dominik Schuermann
> wrote:
> > what problem of traditional PGP implementations did you solve?
>
> The fact that to use PGP you have to install an application. (This is true
> for Peerio as well.) That t
On Apr 17, 2015, at 11:26 AM, z...@manian.org wrote:
> At some level, this is in the same conceptual space as Peerio / Minilock.
That’s right.
> The primary notable difference I see is you have used a binary format for
> keys and messages.
That’s not the main difference that I claim. The mes
On Apr 17, 2015, at 11:27 AM, Dominik Schuermann
wrote:
> what problem of traditional PGP implementations did you solve?
The fact that to use PGP you have to install an application. (This is true for
Peerio as well.) That turns out to be too much friction for most people.
Whenever you hav
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
what problem of traditional PGP implementations did you solve?
* Looks like key exchange problem is still present (sent by mail)
* Any key authentication? I don't see any verification or
certification model.
Regards
Dominik
On 04/17/2015 08:21
At some level, this is in the same conceptual space as Peerio / Minilock.
The primary notable difference I see is you have used a binary format for
keys and messages.
Minilock uses a compressed curve25519 point without any metadata as public
key. This is more compact than your format. It'sBase58
ohio,
On Fri, Apr 17, 2015 at 10:56:01AM -0700, Ron Garret wrote:
> 1. It is a standalone web application.
putting keys in the browser is like putting keys in front of a dmz. browsers
are not designed for this, they are designed for delivering impressions and
services to you. the security featur
TL;DR: I took tweet-NaCl-JS and wrapped a little PGP-like webapp around it. I
would like to solicit feedback and code review from this community before I
submit it for a formal audit and release it to the general public.
Links:
Source code: https://github.com/Spark-Innovations/SC4
Live demo:
15 matches
Mail list logo