On Sun, 20 Mar 2011, Boaz <[email protected]> wrote:

For what it's worth, my wishlist:

< ... />

7. File transfer.  Both published to the world and access controlled.

< ... />


Additionally, some things that I think will be necessary or helpful for all
of this to be feasible:

< ... />


2. A crypto suite which encrypts everything all the time without the user
needing to do anything.  Session keys are used to encrypt all the types of
traffic, with perfect forward secrecy and deniability as in OTR (unless the
user specifically chooses non-repudiation for some message, which people
won't), and a single persistent public key is used to authenticate all the
session keys for all the types of traffic, but is never used to encrypt
traffic.  People's single persistent public keys can be authenticated by 0,
1, or more than 1 of:
a) Preexisting short shared secret and Socialist Millionaire Protocol as in
OTR
b) Web of trust as in OpenPGP
c) Hash commitment and short authentication string verified by voice as in
ZRTP
Authentication by one or more of these methods can occur whenever it happens
to occur, including long after the key is already in use.

Yes.  I think the above hardening is central.  With it, whether
or not we quickly succeed in other parts of the effort, we will
have a weapon, a weapon of both offense and defense.  Without it,
we have no Freedom Box worthy of the name.

So that's my ultimate super-ambitious wishlist.  I hope some reasonable
fraction of that is feasible in the somewhat near term.

I think a hardened system, a system something like present home
computers, could be made within one year.  And to repeat what
many have said: The thing must be usable, and that means if we
have a subsystem of video conferencing, a new connection cannot
require answering even one confusing question.

oo--JS.

_______________________________________________
Freedombox-discuss mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss

Reply via email to