[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Social-discuss] Announcing P2P GNU Social
|
From: |
Ted Smith |
|
Subject: |
Re: [Social-discuss] Announcing P2P GNU Social |
|
Date: |
Sun, 11 Jul 2010 17:32:53 -0400 |
On Sun, 2010-07-11 at 15:33 +0200, Melvin Carvalho wrote:
>
>
> On 11 July 2010 06:18, Ted Smith <address@hidden> wrote:
>
> On Sun, 2010-07-11 at 11:21 +0900, B. Kip wrote:
> > Still trying to understand this in detail:
> >
> > On Sat, Jul 10, 2010 at 9:46 PM, Blaine Cook
> <address@hidden> wrote:
> > On 10 July 2010 13:26, Ted Smith <address@hidden>
> wrote:
> > > It means that if your server (to be precise, your
> > > core) is cracked, or subpoenaed by the
> MAFIAA/ACTA-Empowered
> > Sharing
> > > Police, it can give up no data that you haven't
> already
> > decided is
> > > public.
> > >
> > > I don't think that StatusNet GNU Social makes that
> > guarantee, even when
> > > it comes to private messaging. I would be very
> happy to be
> > wrong.
> >
> >
> > It doesn't, though servers are free to encrypt the
> data before
> > and/or
> > after it's sent. The same applies for email. Two
> thoughts:
> >
> > 1. I welcome experiments using P2P networks for
> social
> > networks, but
> > consider the human-level usability concerns. No
> matter what
> > the
> > underlying technology is, you need a human-level
> addressing
> > system
> > (the acid test for a good addressing scheme is the
> ability for
> > one
> > person to be able to write down on a scrap of paper
> an address
> > at
> > which someone else can contact them later). If you
> use
> > webfinger (re:
> > email-like addresses), you can maintain
> compatibility with
> > mainline
> > GNU Social, Status.net, Diaspora (i.e., OStatus),
> and Google
> > Buzz
> > while providing forwards-compatibility to stronger
> > privacy-based
> > networks*.
> >
> > From: GNU social - Privatemessaging - Open wiki - Gitorious
> > http://gitorious.org/social/pages/Privatemessaging:
> > * If Bob hasn’t authenticated against Alice’s
> server,
> > then Bob’s server goes through the Webfinger
> auth
> > process, generating a shared secret. If he
> already
> > has, he’ll already have such a secret.
> > * Bob’s server uses the shared secret from the
> Webfinger
> > auth process to retrieve Alice’s message.
> > So, as I understand it, this shared secret is simply a way
> of ensuring
> > that Bob is really Bob and Alice is really Alice, and that
> they know
> > eachother, not a key that is used to encrypt messages
> between Alice
> > and Bob- correct?
>
>
> I believe that's correct. I'm not entirely sure what "the
> Webfinger auth
> process" is here. A cursory look at Webfinger doesn't indicate
> what that
> is. I assume it is something that Bob's server uses to prove
> that it
> hosts Bob's account, at which point Alice's server sends Bob's
> server
> the message.
>
> > If you go this far why not take the extra step of
> encryption? Is that
> > a whole lot more complicated to do? What process are you
> using to
> > authenticate? Are you making use of public keys shared
> through
> > Webfinger?
>
>
> There's not really any point of encryption if your key
> material is
> stored on an untrusted server.
>
> I'm not really sure if you're asking questions about Statusnet
> GNU
> Social or P2P GNU Social, but in P2P GNU Social, there's no
> need for
> authentication, because the messages are encrypted end-to-end.
> Like all
> other content, Alice notifies Bob of a message, and Bob pulls
> the
> message. If anyone else is scraping Alice's core and finds the
> URL that
> Bob uses to pull Alice's message, they can have it - as long
> as the
> protocols Alice and Bob picked to use in OpenPGP are secure
> (probably
> RSA and AES), there is not much hope of that person obtaining
> the
> message.
>
> Yeah, nice. I've often thought person to person sharing can be
> encrypted simply using the next party's public key (GPG or X.509)
>
> For group sharing you can add another optimization of a group sharing
> an aes 256 key. Of course you're only as strong as your weakest link,
> but it's a good start.
>
We get this for free with OpenPGP. It encrypts the data with a symmetric
cipher, and encrypts the key for that with the asymmetric cipher.
> With FOAF it's pretty easy to associate a public key with a profile (a
> few lines of cut and paste) which is also the basis/simplicity of FOAF
> +SSL
>
> The elegance of this system is that to get a user's public key, you
> just need to lookup the webpage, which is something that's almost
> trivial to do.
>
> With webfinger it's a bit harder to get information out of the email
> address, you'd normally have to deploy a server to specially do this.
> It's always nice to be able to get new information from an identifier,
> IMHO it's an unnecessary step, but i dont have a huge issue with
> people that want to do this, and can see it's necessary for many of
> the large webmail providers to finally get into the interop game.
You'd have to set up a server to get information out of FOAF, right? You
need some way to download the information. Webfinger only involves
webpage lookups.
signature.asc
Description: This is a digitally signed message part
- [Social-discuss] Announcing P2P GNU Social, Ted Smith, 2010/07/09
- Re: [Social-discuss] Announcing P2P GNU Social, B. Kip, 2010/07/10
- Re: [Social-discuss] Announcing P2P GNU Social, Ted Smith, 2010/07/10
- Re: [Social-discuss] Announcing P2P GNU Social, Blaine Cook, 2010/07/10
- Re: [Social-discuss] Announcing P2P GNU Social, Miron Cuperman, 2010/07/10
- Re: [Social-discuss] Announcing P2P GNU Social, Ted Smith, 2010/07/10
- Re: [Social-discuss] Announcing P2P GNU Social, B. Kip, 2010/07/10
- Re: [Social-discuss] Announcing P2P GNU Social, Ted Smith, 2010/07/11
- Re: [Social-discuss] Announcing P2P GNU Social, Melvin Carvalho, 2010/07/11
- Re: [Social-discuss] Announcing P2P GNU Social,
Ted Smith <=
- Re: [Social-discuss] Announcing P2P GNU Social, B. Kip, 2010/07/11
- Re: [Social-discuss] Announcing P2P GNU Social, Ted Smith, 2010/07/12