People
Activity
  • Feb 01 22:04
    User @melvincarvalho unbanned @namedgraph_twitter
  • Feb 01 21:49
    @melvincarvalho banned @namedgraph_twitter
Dmitri Zagidulin
@dmitrizagidulin
so i’m glad you’re working on it.
Phillip Hallam-Baker
@hallambaker
@dmitrizagidulin Well, I am focused on trying to solve the problems I see nobody else working on.
Dmitri Zagidulin
@dmitrizagidulin
yeah? tell us more
Phillip Hallam-Baker
@hallambaker
@dmitrizagidulin My objection to most PW managers is that they don't solve the multiple device problem. I started by looking to solve the multiple device problem.
Dmitri Zagidulin
@dmitrizagidulin
i thought most of the main ones (like LastPass) do solve that problem?
Phillip Hallam-Baker
@hallambaker
@dmitrizagidulin The Mesh has three basic structures, profiles which contain descriptions of a configuration for an application or device. Including necessary public/private keys
Dmitri Zagidulin
@dmitrizagidulin
as in like, i use it on 3 devices..
Phillip Hallam-Baker
@hallambaker
@dmitrizagidulin Not in a documented end-to-end secure fashion, they don't
@dmitrizagidulin And not as an open standard.
@dmitrizagidulin And you can't use it to manage your PGP or S/MIME or SSH keys
Dmitri Zagidulin
@dmitrizagidulin
sounds good. sounds like you’re adding some good functionality.
Phillip Hallam-Baker
@hallambaker
@dmitrizagidulin Well it is not Solid but I think there is a lot of scope for synergy here.
@dmitrizagidulin I need a contacts manager because I need to be able to perform user directed access control on every incoming message. I don't care what the format of the contacts catalog is. But I do need there to be a contacts catalog.
@dmitrizagidulin So I probably want to lift the semantic web type stuff in Solid to describe the real world so I can stick to the problem of synchronizing data across devices.
@dmitrizagidulin The two data structures I deal with are a catalog which is a set of entries. I use those to represent passwords, contacts, calendar entries, application configurations, etc. etc. and the other one is a spool which is simply a list of messages.
Phillip Hallam-Baker
@hallambaker
Here is the unique selling point - I split decryption keys into two or more parts which allows me to control their use. So you encrypt as usual but the user device only has one half of the decryption key. To perform a decryption operation, the device needs a service holding the other half of the key to do the other half of the work.
This is powerful because it means that my recryption service controls the ability to decrypt data but cannot decrypt by itself.
Sarven Capadisli
@csarven
@hallambaker I was being sarcastic/ironic =) It is beautiful if everything works smoothly.. and even then mangling everything in the OS/browser is PITA. Sure, it is miles ahead of usernames/passwords but to get there is just a whole another story.
Scott McWhirter
@konobi
http-signatures was pretty pleasant to work with
Phillip Hallam-Baker
@hallambaker
@csarven TLS client auth was a checklist feature added to satisfy a contractual requirement. It was never properly engineered. It is no wonder it failed miserably. More generally though, any infrastructure that is going to replace passwords must cost no more to deploy than passwords do. i.e. nothing
csarven @csarven notices that Martynas ( @namedgraph_twitter ) was banned and then unbanned from this channel by @melvincarvalho . Did I miss the fun stuff? On what grounds?
Scott McWhirter
@konobi
(this is a w3 draft now, iirc... though can't remember how far along it is: https://github.com/joyent/node-http-signature/blob/HEAD/http_signing.md )
Eduardo Ibacache Rodriguez
@eduardoinnorway
A draft of my Stockholm presentation this coming friday, I have to merge some from @RubenVerborgh last presentation, anyways please come with comments and feedback. https://docs.google.com/presentation/d/1G34UGSzaGCXdeMgOTWup-54y7JdCoFwMPtlojidIKdc/edit?usp=sharing
Sarven Capadisli
@csarven
TIL I'm a Solid activist from the "dokielie" Enterprises :P
Eduardo Ibacache Rodriguez
@eduardoinnorway
Well, like I said, please give feedback :)
Sarven Capadisli
@csarven
Typo on "dokieli" :)
Dmitri Zagidulin
@dmitrizagidulin
i wanna be a solid activist. :)
Sarven Capadisli
@csarven
BTW, I would suggest to use something other than "we need you"
2nd last slide I think
  • Think of it in terms to "let's collaborate" as opposed to recruiting people
@dmitrizagidulin It doesn't pay that well.. you can have my title :)
@eduardoinnorway More towards "let's build it together"
Eduardo Ibacache Rodriguez
@eduardoinnorway
Do we get paid? Where is the salary office? :)
Sarven Capadisli
@csarven
Less towards "join our army" IMO
It gives a different message.
Similar to "join our team" vs "work for us"
Eduardo Ibacache Rodriguez
@eduardoinnorway
@dmitrizagidulin There is no signup form, you joined by coming here :) We are all activists trying to move this thing forward.
Sarven Capadisli
@csarven
Tim said the cheaque is in the mail but, maybe it got lost on the way.
Eduardo Ibacache Rodriguez
@eduardoinnorway
Mine was bounced :)
Eduardo Ibacache Rodriguez
@eduardoinnorway
@csarven GOOD POINTS
Screen Shot 2019-02-03 at 21.32.46.png
Better?
Dmitri Zagidulin
@dmitrizagidulin
@csarven lol, you are too kind. (re your title)
Sarven Capadisli
@csarven
@eduardoinnorway Yea, play around with that.. eg "Let's build the WebWeWant together!"
Don't need to say "join us" :) Already implied.
Please dont' forget to fix the typo on dokieli
It messes up in my head. I hear a different sound.
Like "doki yelli"
Eduardo Ibacache Rodriguez
@eduardoinnorway
Fixed the heading and also fixed correctly to Dobidoo. Note that I will do Solid for dummies and Arne is going to do the technical part. And if anyone else wants a slide about their project, send to me latest Wednesday.