Oskar Sandberg wrote:
> What I was saying was that just because something works as expected
> doesn't mean it's secure. Especially when one starts inventing once own
> modes and stuff, it's easy to fuck up the security without knowing it
> ("This letter is really, really, secret, so I OTP encrypted
> it... twice!").
Absolutely.
> The safer option simply causes the temporary files to be encrypted with a
> random key that is only kept in memory. The CLI clients to not worry about
> the security of SVK/SSK private keys, that is a whole different issue.
This still has me confused. Oh well. I'll figure it out later.
> HTL 1 means it only reaches one node - why would you want random data to
> propogate further?
Doh! All it really does is generate a public/private key pair, so why
would I want to insert anything to the network!
> Since you're Unix only anyways, you should use /dev/(u)random for the
> random numbers.
<mumbles> too lazy... not critical...
> Any plans on getting other keytypes working (CHK, SSK)? That seems like
> the easy part to me.
I added CHK support. One caveat - on an insert the hash (inserted key)
is just printed to stdout, not any fancy window. The fork() really fucks
things like this up.
I don't know what how many other keytypes need be supported. CHK's are
content-verified and SSK's are sender-verified. That's all I need. KSK's
suck IMHO. SVKs are really just more primitive SSKs that "hold" only one
file. Why support them? Or, who will use them. That's the question.
I also made the interface a bit nicer (IMHO) and a few other assorted
improvements.
Version 0.2.2 is up at ftp://24.131.186.16/ .
Or, of course, at
freenet:SSK at bakunin-0.2.2.tar.gz,oNOwzscVwsgmAUsofeZKSvjG3SACAQ !
Mark Roberts
mroberts100 at mediaone.net
_______________________________________________
Freenet-dev mailing list
Freenet-dev at lists.sourceforge.net
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
