[tahoe-dev] Accounting, 2010 edition

James A. Donald jamesd at echeque.com
Wed Jan 5 11:49:21 UTC 2011


On 2011-01-05 4:06 PM, Randy Bush wrote:
> we know gpg/pgp is unfashionable.  but i got used to being unfashionable
> many decades ago.
>
> so what is in fashion?  cleartext email?  cleartext files?

The problem is not fashion, but architecture and user interface.

GPG requires more clicks, more thought, and more administration than 
insecure communication.

One of the reasons for these excess clicks is that channel identifying 
the network address (the email address that gets mapped to a network 
addresss) is independent of the channel identifying the public key, 
requring dual administration.

The way secure communication should work is that

1: a hash of a rule identifying a public key should serve the function 
of an email address or buddy identifier.

2: Instead of dns mapping human readable centrally allocated and 
controlled names to network addresses, we should have some system that 
maps these hashes to network addresses.

By thus consolidating the two channels into one, we could have a secure 
system with no additional clicks for security in common routine operations.



More information about the tahoe-dev mailing list