, Jul 14, 2018 at 12:19 PM, Human at FlowCrypt
wrote:
> Sorry, I hadn't noticed that you linked specifically the conflux
> (reconciliation code). That is indeed a good start if someone wanted to
> take the time to understand it.
>
> On Sat, Jul 14, 2018, 20:16 Human a
Sorry, I hadn't noticed that you linked specifically the conflux
(reconciliation code). That is indeed a good start if someone wanted to
take the time to understand it.
On Sat, Jul 14, 2018, 20:16 Human at FlowCrypt wrote:
> Hockeypuck has not had any commits in years, if I saw c
Hockeypuck has not had any commits in years, if I saw correctly.
It cannot process some of the keys (maybe for a good reason, but it will
clog the recon mechanism nevertheless, I suppose).
I think it was a great effort, but apparently not maintained.
If the recon process could be updated with me
.
Speaking of preventing abuse, only email addresses and key ids should get
indexed for search, and only strict match should be allowed.
On Sat, Jul 14, 2018, 19:30 Andrew Gallagher wrote:
>
> > On 14 Jul 2018, at 09:34, Human at FlowCrypt
> wrote:
> >
> > > &
> > Could this be mitigated by validating email addresses as they come in?
> No, because ID fields are not required to be email addresses.
Then let's drop keys that don't contain a valid email address in the key id.
We should want to solve this, not stick our heads in the sand.
On Sat, Jul 14,