On Tue, Sep 10, 2013 at 09:01:49PM +0200, Guido Witmond wrote:
My scheme does the opposite. It allows *total strangers* to exchange
keys securely over the internet.
With a FOAF routing scheme with just 3 degrees of separation
there are not that many strangers left.
If you add opportunistic
Hi Peter,
We really have different designs. I'll comment inline.
On 09/09/13 19:12, Peter Fairbrother wrote:
On 09/09/13 13:08, Guido Witmond wrote:
I like to look at it the other way round, retrieving the correct
name for a key.
You don't give someone your name, you give them an 80-bit
On 09/10/13 19:08, Peter Fairbrother wrote:
The only assurance given by the scheme is that if a person gave you
a hash which he generated himself, and you match it with a string and
that string matches what you know about the person (eg their name or
photo), then no-one else can have MTM'd it.
On 10/09/13 10:00, Guido Witmond wrote:
Hi Peter,
We really have different designs. I'll comment inline.
On 09/09/13 19:12, Peter Fairbrother wrote:
On 09/09/13 13:08, Guido Witmond wrote:
I like to look at it the other way round, retrieving the correct
name for a key.
You don't give
On 09/09/13 13:08, Guido Witmond wrote:
Hi Perry,
I just came across your message [0] on retrieving the correct key for a
name. I believe that's called Squaring Zooko's Triangle.
I've come up with my ideas and protocol to address this need.
I call it eccentric-authentication. [1,2]
With
On 2013-09-04 13:12:21 +0200 (+0200), Ilja Schmelzer wrote:
There is already a large community of quite average users which use
Torchat, which uses onion-Adresses as Ids, which are 512 bit hashs if
I remember correctly.
Typical ways of communication in this community are look for my
On 2013-09-01 13:02:26 +1000 (+1000), James A. Donald wrote:
On 2013-09-01 11:16 AM, Jeremy Stanley wrote:
[...]
bring business cards (or even just slips of paper) with our name,
E-mail address and 160-bit key fingerprint.
[...]
The average user is disturbed by the sight a 160 bit hash.
So, how do I translate al...@example.org into a key?
Once again, what do you think of namecoin?
A bitcoin-like consensual database based on proof of work.
If you also require proof-of-key via signature from the recipient,
majority attacks make DoS easy, but identity stealing is still
dependent
On Mon, 2 Sep 2013 03:00:42 +0200 Faré fah...@gmail.com wrote:
At intervals, the trustworthy organization (and others like it)
can send out email messages to Alice, encrypted in said key,
saying Hi there! Please reply with a message containing this
magic cookie, encrypted in our key,
On Mon, 2 Sep 2013 19:53:03 +0200 Faré fah...@gmail.com wrote:
On Mon, Sep 2, 2013 at 7:19 PM, Perry E. Metzger
pe...@piermont.com wrote:
On Mon, 2 Sep 2013 03:00:42 +0200 Faré fah...@gmail.com wrote:
At intervals, the trustworthy organization (and others like
it) can send out email
On Mon, Sep 2, 2013 at 7:19 PM, Perry E. Metzger pe...@piermont.com wrote:
On Mon, 2 Sep 2013 03:00:42 +0200 Faré fah...@gmail.com wrote:
At intervals, the trustworthy organization (and others like it)
can send out email messages to Alice, encrypted in said key,
saying Hi there! Please
On 25 August 2013 21:29, Perry E. Metzger pe...@piermont.com wrote:
[Disclaimer: very little in this seems deeply new, I'm just
mixing it up in a slightly different way. The fairly simple idea I'm
about to discuss has germs in things like SPKI, Certificate
Transparency, the Perspectives
On 2013-08-25 16:29:42 -0400 (-0400), Perry E. Metzger wrote:
[...]
If I meet someone at a reception at a security conference, they might
scrawl their email address (al...@example.org) for me on a cocktail
napkin.
I'd like to be able to then write to them, say to discuss their
exciting new
On 2013-09-01 11:16 AM, Jeremy Stanley wrote:
At free software conferences, where there is heavy community
penetration for OpenPGP already, it is common for many of us to bring
business cards (or even just slips of paper) with our name, E-mail
address and 160-bit key fingerprint. Useful not
14 matches
Mail list logo