[Commotion-dev] SPAN Android App
Michael Rogers
michael at briarproject.org
Tue Oct 16 00:18:36 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 15/10/12 23:10, Jeremy Lakeman wrote:
> I'm also extending the work I did for olsr, supporting unicast
> destinations in servald's routing table, to build Serval's first
> piece of infrastructure. An opt-in dns like global directory of
> phone numbers, public keys, and current internet addresses. Some
> time in the future, you will be able to use Serval to place phone
> calls over the internet, or send any other kind of encrypted
> payload to anyone in the world. And all you'll need to know is
> their phone number or public key.
Hi Jeremy,
This sounds like a really exciting piece of infrastructure, but if all
I have is someone's phone number, how can I authenticate the data I
retrieve from the directory (which I guess would include the person's
public key)? What's to stop someone else from storing their public key
under my phone number, or replacing my public key with their own when
forwarding a directory response?
Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJQfKfbAAoJEBEET9GfxSfM+pkH/RHlGElZ4Pa4eq0ibFfBEMcI
9Ix+rqYVs9jhBadUVDSu4OGahJN85ukhkpyZpUCH83yczbZhGxwN9aK6a0aumX0y
DyAyn0jZHGUE/bw6tJFCzOJcthPBpw75xzWpbhPTi7XZd9e4dC/YNd6S0wwDipny
QFOOTdO2EB5cjBKcLgRVrOyKXo4b2H275FP3v9UCUtg1rJ5ziPf4OnQ3tbUIK9Nd
X+NOGzgEPQMsVaV/samjVPCwrw4Msr+2+76IPOVHd0Ut8FuWdBFl7WxWoE/Y28aP
fMiaJ/kEY/iaYRnpgfD4AgDsyNzI44+mgLg0DhlFzXBn/qFdNm3SwQIDPHUBDZo=
=tcVh
-----END PGP SIGNATURE-----
More information about the Commotion-dev
mailing list