Check-in [eed1c3e195]
Not logged in

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Markdown edits
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:eed1c3e1956336eb9816b980f7a2f3a9b924a2bf
User & Date: bernd 2019-03-04 22:33:10
Context
2019-03-07
13:34
Bump version number check-in: 3f673a735d user: bernd tags: trunk, 0.8.8-20190307
2019-03-04
22:33
Markdown edits check-in: eed1c3e195 user: bernd tags: trunk
2019-03-01
13:07
Add community imports, allow removing chatgroups check-in: 124227a19b user: bernd tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to connect.fs.

120
121
122
123
124
125
126

127
128
129
130
131
132
133
    0 >o cookie, o> stskc KEYSIZE erase ;

+net2o: map-request ( addrs ucode udata -- ) \g request mapping
    2*64>n
    nest[ sec-cookie,
    max-data# umin swap max-code# umin swap
    net2o:new-map net2o:create-map

    ]nest  net2o:create-map
    64drop 2drop 64drop ;

+net2o: set-tick ( uticks -- ) \g adjust time
    o IF
	adjust-timer( ." adjust timer" forth:cr )
	ack@ .adjust-ticks







>







120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
    0 >o cookie, o> stskc KEYSIZE erase ;

+net2o: map-request ( addrs ucode udata -- ) \g request mapping
    2*64>n
    nest[ sec-cookie,
    max-data# umin swap max-code# umin swap
    net2o:new-map net2o:create-map
    \ keypad keysize sec$, store-key  stskc KEYSIZE erase
    ]nest  net2o:create-map
    64drop 2drop 64drop ;

+net2o: set-tick ( uticks -- ) \g adjust time
    o IF
	adjust-timer( ." adjust timer" forth:cr )
	ack@ .adjust-ticks

Changes to wiki/data-retention.md.

36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

Every chat partner keeps a chat log.  Chat logs remember all the chat messages
except those who are set to OTR (“off the record”).  OTR logs are kept in main
memory, but not stored permanently.  Chat logs of group chats can be synced
with any group member.  OTR logs can't be synced; they are only seen by people
who are active at the time of their sending.

In near future, you can ```/otrify``` your own messages; if honored by your
peers, they will disappear.  Note that only active peers in a group will be
able to see an ```/otrify``` request.  This honors your right to be
forgotten.

### DVCS projects ###

All your DVCS projects create an immutable chain of commits which are signed
by you and the other contributors.  History revision is only possible when all
signers agree to it, and everybody who holds a copy accepts the recall.







|

|







36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

Every chat partner keeps a chat log.  Chat logs remember all the chat messages
except those who are set to OTR (“off the record”).  OTR logs are kept in main
memory, but not stored permanently.  Chat logs of group chats can be synced
with any group member.  OTR logs can't be synced; they are only seen by people
who are active at the time of their sending.

In near future, you can `/otrify` your own messages; if honored by your
peers, they will disappear.  Note that only active peers in a group will be
able to see an `/otrify` request.  This honors your right to be
forgotten.

### DVCS projects ###

All your DVCS projects create an immutable chain of commits which are signed
by you and the other contributors.  History revision is only possible when all
signers agree to it, and everybody who holds a copy accepts the recall.

Changes to wiki/pki.md.

46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
solve this, various attempts at creating a PKI have been started. The most
widely used PKI attempt is that of SSL, and it is a failure. I need to explain
what SSL does to ensure that identities are correct:

SSL's PKI attempt
-----------------

SSL uses Certificate Authorities (CAs) to sign public
keys. The message of this signature is "someone gave us some money, told us he
has this domain, and he gave us this public key." The "premium" signatures
usually mean "he gave us more money". This is big business, so you can expect
that the most trustworthy members drop out earliest—because someone paid them
a lot of money (Mark Shuttleworth sold Thawte, the first CA, for $500M to
VeriSign in 1999). However, the actual trustworthyness of the CAs itself is not
the real problem. The real problem is that any CA can sign any combination of
domain name and public key, as they like. And any intruder into one of the CAs,
who get access to the signing script can do the same. This is what happened
with DigiNotar. An intruder used DigiNotar's signing key to create a
*.google.com certificate. Iran used this certificate to spy on users who used
Google. This came to light, because Google does not really trust the SSL
scheme, and Chrome has a priori knowledge over the google.com domain
signatures, which are signed by Google's own CA. Iran needed to intrude some
other CAs like DigiNotar, because they don't have their own CA, while e.g.
China or the USA have one. Now you have that trust problem again: You don't
know which of the 600 CAs are trustworthy and which are not. And it is
sufficient if <b>one</b> of them is not, even when the vast majority would be
ok. Oh shit!

The Broken Promise
------------------

It turns out that the promise of Diffie-Hellman does not hold. To
verify the identity of your communication partner, you still need a







|
|
|
|
|
|
|
|
|
|
|
|
|





|







46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
solve this, various attempts at creating a PKI have been started. The most
widely used PKI attempt is that of SSL, and it is a failure. I need to explain
what SSL does to ensure that identities are correct:

SSL's PKI attempt
-----------------

SSL uses Certificate Authorities (CAs) to sign public keys. The message of
this signature is "someone gave us some money, told us he has this domain, and
he gave us this public key." The "premium" signatures usually mean "he gave us
more money". This is big business, so you can expect that the most trustworthy
members drop out earliest—because someone paid them a lot of money (Mark
Shuttleworth sold Thawte, the first CA, for $500M to VeriSign in
1999). However, the actual trustworthyness of the CAs itself is not the real
problem. The real problem is that any CA can sign any combination of domain
name and public key, as they like. And any intruder into one of the CAs, who
get access to the signing script can do the same. This is what happened with
DigiNotar. An intruder used DigiNotar's signing key to create a
`*.google.com` certificate. Iran used this certificate to spy on users who
used Google. This came to light, because Google does not really trust the SSL
scheme, and Chrome has a priori knowledge over the google.com domain
signatures, which are signed by Google's own CA. Iran needed to intrude some
other CAs like DigiNotar, because they don't have their own CA, while e.g.
China or the USA have one. Now you have that trust problem again: You don't
know which of the 600 CAs are trustworthy and which are not. And it is
sufficient if **one** of them is not, even when the vast majority would be
ok. Oh shit!

The Broken Promise
------------------

It turns out that the promise of Diffie-Hellman does not hold. To
verify the identity of your communication partner, you still need a

Changes to wiki/try-it.md.

38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

    keyin <nick>.n2o
	
Or you can announce your identity to the DHT with

    announce

and then import the key into other accounts by doing a ```keysearch```
as above (but with the first 5 characters of the pubkey you created).

Try encrypt and decrypt a test file for yourself:

    <create a file>
    enc <file>
    cat <file>.v2o







|







38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

    keyin <nick>.n2o
	
Or you can announce your identity to the DHT with

    announce

and then import the key into other accounts by doing a `keysearch`
as above (but with the first 5 characters of the pubkey you created).

Try encrypt and decrypt a test file for yourself:

    <create a file>
    enc <file>
    cat <file>.v2o