[Freedombox-discuss] Tap-to-share PGP key exchange
- Subject: [Freedombox-discuss] Tap-to-share PGP key exchange
- From: dkg@fifthhorseman.net (Daniel Kahn Gillmor)
- Date: Tue, 04 Oct 2011 12:38:25 -0400
- Message-id: <[🔎] 4E8B3681.4010904@fifthhorseman.net>
- In-reply-to: <[🔎] 4E8B2C90.6030203@googlemail.com>
- References: <1316794602.19150.140258146975101@webmail.messagingengine.com> <21AF649B-05E1-48AE-B4F8-2F84FB7E33E7@let.de> <87hb426axz.fsf@debian.home> <B57606A6-73D8-4A32-ADCB-36F0E08072E8@let.de> <8762ki69vx.fsf@debian.home> <20110925155424.GR25711@leitl.org> <20110926070306.2349b14c.weaver@riseup.net> <4E80D173.7020907@googlemail.com> <4E8482E9.40109@googlemail.com> <4E849282.4010401@fifthhorseman.net> <4E85AC0A.9020808@googlemail.com> <1317390628.14509.2.camel@blacksword.home> <4E85CDB1.7000305@googlemail.com> <4E85D574.2000504@fifthhorseman.net> <4E85D9FF.30909@googlemail.com> <263ECD56-31B9-4396-AD5D-9B3F99F76D40@prol.etari.at> <4E85EB8B.3090808@fifthhorseman.net> <F31E695A-A6BF-4DC6-BD78-CFB78B1CF2C0@prol.etari.at> <4E85FE31.6000602@fifthhorseman.net> <4E861879.4080303@googlemail.com> <4E8621ED.8000404@fifthhorseman.net> <4E863C65.7090001@googlemail.com> <[🔎] 19C7A952-AF26-43F4-87B8-4F082C82E88C@prol.etari.at> <[🔎] 4E8B2C90.6030203@googlemail.com>
On 10/04/2011 11:56 AM, Timur Mehrvarz wrote:
> I really wish we could get to a point where we can trust the wireless
> connection, reducing the number of steps needed for PGP based
> "friedning", making the process more acceptable for 'regular people'.
i agree that it would be nice if this were possible. I'm just not sure
how we'd get there.
One thought: what about a point-to-point wired connection? That's
pretty easy for humans to physically inspect/verify, and wouldn't need
the additional optical verification check.
Is there such a standard connection for common handheld
computers/smartphones?
> But for as long as we do not fully trust the wireless connection - which
> is why we want to verify the key fingerprints - we cannot use it to
> coordinate/automate the verification process. I think.
I think untrusted wireless could be safely used for coordination and
automation of a key exchange handshake under two conditions:
0) it is clear what is happening to the device operator, and
1) the worst-case event that could happen from malicious wireless
interference is a visible failure-to-handshake
I haven't written up a precise spec for any automation like this, but it
seems plausible to me that a well-specified process could meet these
conditions.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20111004/b9fbef1e/attachment.pgp>
Reply to: