On 11/01/13 05:49 AM, Sean Lynch wrote: >> Contacts would be identified by their (Ed25519) public key. When you add >> someone, you just paste their public key and type a "pet name" for them, >> which is what would be shown in your contact list. People could also >> associate various metadata with their public key in a very similar way >> to how they do with PGP keys: with metadata packets signed by themselves >> and other people, thus establishing a web of trust that would enable >> search, the same way we can reliably search for PGP keys but with an >> easier-to-use interface that will always show someone's relationship to >> your current trusted contacts.
On 2013-01-12 5:42 PM, ianG wrote: > Question 1: would your application allow multiple keys per person? And > if so, does this mean the app has to manage a petname across multiple > keys, or does the user have to manage multiple petnames across > multiple people? Question 2: what happens when a user's PGP key / > persona (however it is termed) is lost or compromised? I'm tussling > with these issues at the moment. This is part of a bunch of hard, and intimately interrelated UI problems, which really need a UI mockup. Your contacts list, your bookmarks list, and what pops up when you hit the reply button are all, in a sense, implementing Zooko's triangle, in that the underlying urls tend to be long and incomprehensible, and therefore the user is not expected to look at them or enter them. If end users do not like to deal directly with existing urls, even less are they willing to interact with cryptographic identifiers. I would really like to see some mock implementations supporting Zooko's triangle with cryptographic identifiers. >> When you start the application for the first time, it prompts you to >> generate a public key or import one (it could be generated from a >> password, but this has some problems associated with it). It lets you >> put any metadata you want on the key, then connects to the network via >> an included list of seed peers, or you could type them in yourself. The >> application would then maintain a list of known reachable peers for >> future connections. > ... > > To echo James' comments, if you want ordinary users, you shouldn't ever > expect them to use keys. Most ordinary users will run screaming on > sight of a PGP key. > > iang > _______________________________________________ > p2p-hackers mailing list > [email protected] > http://lists.zooko.com/mailman/listinfo/p2p-hackers > _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
