[Freedombox-discuss] Santiago Verifying Requests
Sorry for the slow turnaround, I've been doing way too much work and
spending most of my spare time trying to figure out how GnuPG and
Python-GnuPG differentiate between "this signature is mathematically
self-authenticating" and "this signer is within my web of trust" - it's
unclear from the documentation how to tease apart those concepts. I
still have some key signing and verifying tests I need to do though.
Guess it's time to generate lots of entropy by watching YouTube videos
of otters holding hands.
The following is a poor-etiquette multi-reply, apologies.
On Wed, 11 Apr 2012 23:08:28 +0200, Michael Rauch wrote:
> by encrypting and signing the message you get end-to-end confidentiality
> and integrity of payload+destination between A and B (step 1. and 2.).
>
> what is the purpose of step 3? is the intent to only relay messages for
> friends (trusted entities) and if so, what is gained and lost with that
> approach?
Nice job identifying the purpose behind each step. I included step 3 so
that A's message to B could pass through any number of proxies who trust
neither A nor B (only the first and last proxies need to trust A and B,
respectively). The idea is to relay only messages that come from
friends. This keeps any private Web-of-Trust nodes private.
This allows me to publish my key and publicly sign other keys, but to
also trust (yet never publish) some trust-relationships. Perhaps that
particular trust relationship (pseudonymous or not) is sensitive
information. Granted, these private trusts contribute nothing to the
WoT but they are a useful privacy-protecting feature nonetheless.
On Wed, Apr 11, 2012 at 2:11 PM, Charles N Wyble wrote:
> Nick M. Daly wrote:
>> If you want a "working" Santiago, check out the previous commits [1].
>> Things are kinda torn up right now and *will not work*.
>
> Branches? :)
As soon as this feature is complete, it'll be feature complete enough to
*have* a stable branch. ;) It'll also get documentation and unit
testing. And a list of new features to develop.
On Thu, 12 Apr 2012 09:16:32 -0700, Jack Wilborn wrote:
> I was just curious if we are using the en/de encryption that the CPU has
> internally or are we using software to do this? Just curious, hope we are
> using the supplied hardware to handle this within the CPU.
I don't think I understand your question. I ask the Python-software to
perform the calculation, which it performs with the CPU (through pure
magic, as far as I know). Are you asking "do we farm these calculations
out to a math-coprocessor?" That's dependent on CPU architecture (IIRC?).
Don't know if DreamPlug has one, but your standard x86 system will.
Thanks for your time,
Nick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20120412/33c1cd1e/attachment.pgp>
Reply to: