Menu

#139 Enhanced public key exchange with Barcode Scanner, high-performance keyserver

New
nobody
None
Medium
Defect
2013-01-17
2012-12-14
Anonymous
No

Originally created by: casey.ma...@gmail.com
Originally owned by: domschuermann@gmail.com

Real-life public key exchange could be enhanced with QR codes. At a key signing party, Paula and David, well, let's just call them Alice and Bob for sake of protocol specification, hit it off and decide to exchange keys.

Alice's APG displays her public key fingerprint prominently as a QR code. Bob scans with APG, which triggers a keyserver op=get. Matching signed UID and user attribute photo are displayed prominently for verification. Bob confirms to sign Alice's UID and pushes to the keyserver. Alice's APG, meanwhile, has been polling the keyserver for updates to her own key. Once the signature hits the keyserver, Alice's APG looks up and displays Bob's UID and user attr photo. Alice confirms signing Bob's UID and pushes to the keyserver. Bob receives a short confirmation message that the key exchange is complete.

Some keyservers can take a long time to update and wouldn't be very convenient to poll like this. Not to worry, as I am the author of Hockeypuck (https://launchpad.net/hockeypuck), a high-performance keyserver developed in Go. Push notifications are on my roadmap.

I'm up for working on this, I've only dabbled in Android but I'm pretty experienced with Java & BouncyCastle's OpenPGP libraries. What do you think?

Discussion

  • Comment has been marked as spam. 
    Undo

    View and moderate all "tickets Discussion" comments posted by this user

    Mark all as spam, and block user from posting to "Tickets"

    Anonymous

    Anonymous - 2013-01-08

    Originally posted by: domschuermann@gmail.com

    Hi,

    QR Code and NFC sharing is implemented in my fork: https://github.com/dschuermann/apg

    Currently the whole keyrings are exchanged without a keyserver.
    Especially for qr codes this imposes a problem when they get too big, I would be happy if someone improves old code that implemented a similar function as you proposed by only exchanging the fingerprint and then querying a keyserver.

    I am open for pull requests on github :)

    Owner: domschuermann@gmail.com

     

Log in to post a comment.

MongoDB Logo MongoDB