Hi! :-) On Sat, Jan 10, 2015 at 10:08:39AM +0100, intrigeri wrote: > Frankly, I think I'll wait for this OPW round to be over, and then I'm > happy to give GNOME Keysign a try and provide feedback. cool.
> > I've got a few initial questions, though: > > * is working Avahi required to use GNOME Keysign? Currently, yes. This is to provide an out-of-the-box experience. You fire up the program and you can connect those without having to know the IP address of the other party. Technically, it's possible to do without Avahi. But then the user interface gets more complicated. > * what exact networking connection needs to be allowed for GNOME > Keysign to work, especially on the LAN? any ports than need to be > open in the firewall for incoming and/or outgoing traffic? For now, the key is shared via HTTP on a dedicated port. The rationale for using a fully fledged TCP connection is that the full OpenPGP key can be quite large. Larger than a QR code can handle. Also: current key signing schemes require you to connect to the Internet in order to download the keys you are about to sign. So we're not worse than that. The upshot is: Most keys are not that big. So it would certainly be possible, and I think preferrable, to not use the network if not necessary. FWIW: I'll be at FOSDEM. I'll hang around the GNOME booth and I'll be in the security devroom for presenting GNOME Keysign: https://fosdem.org/2015/schedule/event/keysigning/ I'd be happy to meet any of you guys to have a beer, coffee, chat, or all of that. Happy Hacking, Tobi _______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
