Pedro Melo wrote:
On Aug 29, 2008, at 12:43 PM, Dave Cridland wrote:There's two issues:First off, if I'm in your roster, you might ask me about Dirk's fingerprint - in which case, I know that you're talking to Dirk, which is pretty awesome. We can shield this one by hashing the jid, so I can then scan through my hashes-of-known-jids and at least only know you're talking to Dirk if I previously have as well.Sure. One step further is this: I send you an hash of Dirk's JID + Dick's offered fingerprint. If you have the same, you can tell me that "yes, I trusted something like that already".This way you will only know whom I'm talking to if you have previously accepted the same pair JID+Fingerprint.Even less information disclosure.
I like that.
Second, if I reply with a fingerprint match, I'm verifying not only the fingerprint, but that I, too, have spoken to Dirk and confirmed him, so you can run away and tell everyone we're co-conspirators.Yes, but I can't see how to ask you do confirm something for me without telling you this much. Maybe someone else can.But I like using the Roster as a Web-of-Trust...
I do, too -- it's the first thing I thought of when I saw that paper. /psa
smime.p7s
Description: S/MIME Cryptographic Signature
