Re: [cryptography] Secure universal message addressing

Mon, 04 Apr 2016 21:06:46 -0700 

On 4/04/2016 15:55 pm, Natanael wrote:


After spending way too much time thinking about how to design a secure
universal message passing platform that would work for both IM, email,
push messages and much more, I just ended up with a more complex version
of XMPP that won't really ever have lower latency, be scalable or be
simpler to operate or even be secure at all. So I dropped that idea.

Then I ended up thinking about addressing instead. If building one
single universal communication protocol is too hard, why couldn't it
still be simple to have one single universal protocol for identifying
recipients / users? It would allow each user to have one single unique
global identifier which can be used to find out which communication
protocols each other user supports and how to connect to them.
You're trying to build a tool. Then when that becomes hard, you're switching to another tool that is more or less harder.
Instead, how about setting up a set of requirements which are driven by users? Although sometimes a boring process, it can drive a real design much more cleanly because there is a reason for every choice - a reason that relates up to what the user needs. 


E.g.:


We need secure push messaging, IM, mail and much more,


Like that - except much more and more written down!


... If connecting secure
protocols to your account is easy and transparent for everybody
involved, there would be much less resistance towards changing clients.


"Can use multiple secure protocols as underlying transport?"


...Opening the
contact details for a person would simply show you which protocols you
both already support, and which additional ones they support that you don't.


"Has contact management for each person that does...XXX"


The key idea here is that you get to have *one* identifier for yourself
under your control, that you can use everywhere, securely. Knowing that
people have your real address should provide a strong guarantee that
messages from them to you will go only to you. And you shouldn't need to
change address because you changed messaging services.


"A person has one identifier in another person's client?"


How would you guys go about designing a system like what I describe?



Like that above - requirements driven by business/people behaviour.


iang
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to