[Freedombox-discuss] Software as Data, Transformation as a Service
- Subject: [Freedombox-discuss] Software as Data, Transformation as a Service
- From: email@example.com (Nick M. Daly)
- Date: Tue, 08 Jan 2013 07:43:39 -0600
- Message-id: <[🔎] firstname.lastname@example.org>
- In-reply-to: <CAKaEYhKF-oC788y8GrRXEfVzPH6yW5tS++jk=MELLabRij4rng@mail.gmail.com>
- References: <09CD8010-A1A1-4DD3-8CD0-C0C5218D5A33@ecs.soton.ac.uk> <email@example.com> <EMEW3|38137deae3952a289fa2f4667ed14281o851KB02ds|ecs.soton.ac.uk|09CD8010-A1A1-4DD3-8CD0-C0C5218D5A33@ecs.soton.ac.uk> <CAKaEYh+NU6KFHZK8gYRfy2AxG19-Y6jHVhr_-qNmZFtHR7Cgfirstname.lastname@example.org> <email@example.com> <CAKaEYhKF-oC788y8GrRXEfVzPH6yW5tS++jk=MELLabRij4rng@mail.gmail.com>
Spinning up a way-overdue discussion again. Sorry for the gravedigging,
but this is good stuff.
Melvin Carvalho writes:
> On 1 November 2012 18:44, Nick M. Daly <nick.m.daly at gmail.com> wrote:
>> Melvin Carvalho <melvincarvalho at gmail.com> writes:
>>> I think in the case of freedombox it would be desireable to have
>>> not only a web identity but to tie it to GPG, which is something
>>> I've already done some work on.
>> Would you mind describing that a bit? FBuddy  is designed to make
>> (PGP-) signed/encrypted location statements available, over any service
>> you're using.
> Currently looking at 3 areas.
> 1. Converting GPG keys with X.509 using bouncy castle (have some rough
> code working)
Have you made any progress on this? How does this tie in with
Monkeysphere? I thought they were working on something similar, but
maybe I misunderstood.
> 3. Crypto in the browser, for use to encrypt/decrypt maybe sign etc (saw an
> impressive demo from Mozilla last week)
Can you link to that demo?
> The general idea is to translate some of the features of GPG to the web
> stack so it an be used for similar purposes in a web context
> I took a quick look at giorious but if it wasnt that easy to work out all
> the details in theory it would be nice to use the same master key in
> different contexts, and provide methods to revoke etc.
Yes, ultimately I think we all have the goal of using the same PGP
master key in more areas than it's being used now, however, I'm worried
that this sort of thing could easily lead to metaphor shear between
projects: where your PGP key means something significantly different
between services. Those sorts of changes are going to happen between
services, but as long as we end up agreeing that a key is used to
identify a service provided by an identity, then I doubt it'll be a big
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 835 bytes
Desc: not available