Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • May 12 12:19

    jaytaph on copyright-year-update

    (compare)

  • May 12 12:19

    jaytaph on main

    Updated copyright year Merge pull request #211 from bi… (compare)

  • May 12 12:19
    jaytaph closed #211
  • May 12 12:12
    coveralls commented #211
  • May 12 12:12
    coveralls commented #211
  • May 12 12:09
    jaytaph closed #209
  • May 12 12:09
    jaytaph commented #209
  • May 12 12:09
    sonarcloud[bot] commented #211
  • May 12 12:08
    jaytaph opened #211
  • May 12 12:08

    jaytaph on copyright-year-update

    Updated copyright year (compare)

  • May 12 12:06

    jaytaph on main

    (compare)

  • May 12 12:00

    jaytaph on ci-flow

    (compare)

  • May 12 12:00

    jaytaph on develop

    Fixing to a specific addlicense… documenting 1.17 requirement Merge pull request #210 from bi… (compare)

  • May 12 12:00
    jaytaph closed #210
  • May 08 09:16
    jaytaph edited #210
  • May 08 09:15
    sonarcloud[bot] commented #210
  • May 08 09:15
    sonarcloud[bot] commented #210
  • May 08 09:15
    jaytaph closed #208
  • May 08 09:15
    jaytaph synchronize #210
  • May 08 09:15

    jaytaph on ci-flow

    documenting 1.17 requirement (compare)

Joshua Thijssen
@jaytaph
hmm.. the resolve function to the keyserver doesn't like this neither.. it needs either a foo! or foo@bar!
but i cannot function with just @bar!
Joshua Thijssen
@jaytaph
nope.. keyserver is not budging... :/
Joshua Thijssen
@jaytaph
i'll use bitmaelum@<org>! for now as the organisation address.. this will work for now... Now I have to see if I can implement the thing we discussed earlier
acalatrava
@acalatrava
Finally!
Once upon a midnight dreary, while I pondered, weak and weary,
Over many a quaint and curious volume of forgotten lore—
While I nodded, nearly napping, suddenly there came a tapping,
As of some one gently rapping, rapping at my chamber door.
"'Tis some visiter," I muttered, "tapping at my chamber door—
Only this and nothing more."
I think organizations should be treated like regular address
Since is the client the one who will register the organization address, then is the client who can modify the routing address too
acalatrava
@acalatrava
Why do you think about this:
John! and john@acme! Should be treated the same (same hash function) however the organization may sign your account+routing address and provide it to you so you can register with it. The keyserver will not verify this signature, it will just store it and make it available to ask for it
Then, a client who receive a mail from john@acme! Will ask the keyserver and verify the signature. If the signature is not there or is not correct then it will flag the message as “unsafe” or something like that so the client will know that despite the address looks like comes from an organization, it actually won’t
It’s easier to implement (no work for the keyserver) and easier to create and maintain organization addresses
What do you think?
BTW we should move out from Gitter. It sucks XD
acalatrava
@acalatrava
In fact this way a regular email like John! may belong to an organization if the organization signed it
BTW now that I re-read the email I sent you it sounds like I’m proposing lol
Joshua Thijssen
@jaytaph
yeah..
but i don't know what else.. problem is that i really like the history at the moment for finding solutions to problems..
so... if I have "john!", then "john@acme" and "john@wick!", and "john@bonjovi!" should be the same users?
i would see organisations as a namespace, more or less.. where no namespace is the default namespace...
acalatrava
@acalatrava
No, each address is different. Forget the @ at the address name and generate a hash for the whole string.
Joshua Thijssen
@jaytaph
not sure what you mean
acalatrava
@acalatrava
Why having organization at the address is useful?
Joshua Thijssen
@jaytaph
to differentiate between different john's..
acalatrava
@acalatrava
It will be different
Sha256(“John”) != sha256(“john@acme”)
Joshua Thijssen
@jaytaph
yes.. but that has the organisation in it? so i'm not sure what you are saying?
acalatrava
@acalatrava
Cryptographically the keyserver will guarantee that john@acme belongs to acme
Joshua Thijssen
@jaytaph
yes. acme will generate an invitation code that the keyserver can/must verify
that can only come from the organisation itself
acalatrava
@acalatrava
Yes, and not only that, the keyserver will store that invitation so the clients can verify when they receive an email that the address belongs to the org
You are thinking that because the address has a @ in it it should belong to an organization. But what I’m telling is that the @ means nothing, only visually it could belongs to an org, but in reality anyone could create that address. Only the address that cryptographically are signed are the ones that belongs to the org
Joshua Thijssen
@jaytaph
yes.. but we check that when a user adds their account to the key-resolver?
we don't need to check it every time?
acalatrava
@acalatrava
Is not needed to check it on the key resolver? We just Store it
The client will verify when receive an email from that account
And will add a flag to the email telling that the email comes from an organization (and the organization name)
Joshua Thijssen
@jaytaph
i'm not 100% sure how that would work
acalatrava
@acalatrava
Ok I’ll try to explain it better in a document
Joshua Thijssen
@jaytaph
:-)
acalatrava
@acalatrava
I’m not sure if I could do it today though
More IKEA furniture 😅
Joshua Thijssen
@jaytaph
no rush.. i'm not 100% sure what you mean.. but i need to setup some other things as well.. maybe think about a bit on reading messages...
acalatrava
@acalatrava
By the way, when you fetch messages are they stored on the vault? Or the vault only contains the keys and addresses?
Joshua Thijssen
@jaytaph
only keys and addresses... i don't actually fetch messages yet... that will come later i guess
send you a new message...
acalatrava
@acalatrava
Oh ok, that’s what I though
However we need to develop a nice client with UI soon
I could create something with flutter for Android/iOS
Joshua Thijssen
@jaytaph
yes.. i've started with some electron stuff... but this is not really my cup of tea...
acalatrava
@acalatrava
Yes, I cloned the repo thinking that it was working
It looked nice though