RE: [Mixmaster-devel] mixmaster v3 keys
Brought to you by:
weaselp
From: Lucky G. <sha...@cy...> - 2002-03-18 05:37:02
|
David Hopwood wrote: > Why re-invent OpenPGP? Just use the OpenPGP key/subkey > formats directly. It may be useful to assign an additional > signature subpacket to mark that the key is for use with the > Mixmaster v3 protocol, and to associate any > Mixmaster-specific flags with it, but that should be all. Whatever the key format, it has to be possible to programmatically determine trust relationships between the keys used by a remailer for both message and link encryption. Meaning that the users and operators of the remailer network need to be able to positively determine that a particular Mixmaster key belongs to the same remailer that is using a particular key for the inter-remailer connection. Ideally without going through key format conversions and without requiring remail ops to manually sign keys. Unless somebody here is ready to write tools that allow for automatic creation and most importantly for automated verification of the required data structures and trust relationships, while guaranteeing that the result will be at least as sound as TLS and SSH (which both saw catastrophic failures even after years of use and thousands of man hours of analysis), the prudent choice would seem to be to utilize TLS as the inter-remailer link encryption protocol and standard X.509 keys as the Mixmaster keys. Just my $0.02, --Lucky |