[Freedombox-discuss] Software as Data, Transformation as a Service

[nick.m.daly@gmail.com (Nick Daly)]

On Wed, Jan 9, 2013 at 9:48 AM, Michael Rogers <michael at briarproject.org> wrote:
> But I have to admit that I can't think of a way for the endpoints to
> signal to each other that OpenPGP keys should be used to authenticate
> the connection, without signalling the same to an eavesdropper. Any
> thoughts?

Allow OpenPGP only?  Avoid identifying the signing key and force the
client to iterate through key types until it finds a match?

The options might be crazy, but they meet the stated need.