[146884] in cryptography@c2.net mail archive
Re: [Cryptography] Usage models (was Re: In the face of
daemon@ATHENA.MIT.EDU (Peter Saint-Andre)
Mon Sep 9 00:00:14 2013
X-Original-To: cryptography@metzdowd.com
Date: Sun, 08 Sep 2013 17:15:44 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
To: "Perry E. Metzger" <perry@piermont.com>
In-Reply-To: <20130908155149.5e6f5049@jabberwock.cb.piermont.com>
Cc: Jerry Leichter <leichter@lrw.com>, "Marcus D. Leech" <mleech@ripnet.com>,
cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 9/8/13 1:51 PM, Perry E. Metzger wrote:
> On Sun, 8 Sep 2013 14:50:07 -0400 Jerry Leichter
> <leichter@lrw.com> wrote:
>> Even for one-to-one discussions, these days, people want
>> transparent movement across their hardware. If I'm in a chat
>> session on my laptop and leave the house, I'd like to be able to
>> continue on my phone. How do I hand off the conversation - and
>> the keys?
>
> I wrote about this a couple of weeks ago, see:
>
> http://www.metzdowd.com/pipermail/cryptography/2013-August/016872.html
>
> In summary, it would appear that the most viable solution is to
> make the end-to-end encryption endpoint a piece of hardware the
> user owns (say the oft mentioned $50 Raspberry Pi class machine on
> their home net) and let the user interact with it over an encrypted
> connection (say running a normal protocol like Jabber client to
> server protocol over TLS, or IMAP over TLS, or https: and a web
> client.)

Yes, that is a possibility. Personally I'm still mulling over whether
we'd want your little home device to be a Jabber server (typically
requiring a stable IP address or an FQDN), a standard Jabber client
connected to some other server (which might be a personal server at
your VPS or a small-scale server for friends and family), or something
outside of XMPP entirely that merely advertises its reachability via
some other protocol over Jabber (in its vCard or presence information).

> It is a compromise, but one that fits with the usage pattern
> almost everyone has gotten used to. It cannot be done with the
> existing cloud model, though -- the user needs to own the box or we
> can't simultaneously maintain current protocols (and thus current
> clients) and current usage patterns.

I very much agree.

Peter
--
Peter Saint-Andre
https://stpeter.im/
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography