Joe 8 years ago
Well so far these books have been very insightful. Think I'm going to add Private Messaging as a bit of priority. I think it will be a good way of making Pjuu a but more useful than just public/trusted communication 😀
  • 8

Replies

  • Sigg3 8 years ago
    @Ant I'm going to review the issue as soon as my home office is back up (currently in boxes) :)
    • 1
  • Ant 8 years ago
    blast! its a typo, that should read "should not be an issue" but to be fair there is a whole infrastructure for public keys ( mit pgp key server and others ) so may be some effort to essentially replicate that. although i have heard some arguments for not using those public key servers.
    What say you ?
    • 1
  • Sigg3 8 years ago
    @Ant, I am confused. Why is it a problem to store public keys?
    • 1
  • Joe 8 years ago
    @ant I completely agree. I think a lot of services get stick even though for being just as encrypted but also storing/generating keys. TBH PGP is something you can do at any time if you wish. I think we should just make it easier on here and provide a good tutorial with sane methods
    • 0
  • Ant 8 years ago
    I dont think we really want to be storing the persons key. This sticks a massive target on us in the first instance. allowing the post of a enc. blob should be fine and we can ID the message as encrypted etc
    Storing the persons public key should be an issue. But we *must* store the long format key id and not the short ( see the recent scare re torvalds signing key as for why )
    • 1
  • Joe 8 years ago
    @sigg3 good idea. Will have a think whilst away and run a plan past you 😀
    • 1
  • Sigg3 8 years ago
    @Joe Just add a ticker box below pm message input "encrypt". If no pub key is setup at sender and/or recipient, refer to a simple tutorial. Perhaps also add links to generally trusted key rings, or urge a pjuu specific key pair..?
    • 1
  • Joe 8 years ago
    *just thinking* we could identify a post as being encrypted some how and allow it as a special case? I can't image many users will be writing messages which are in the same format.
    • 1
  • Joe 8 years ago
    @ant, @sigg3 I think the cap could be easily lifted for the sake of PGP. Especially on Private messages it wouldn't add that much over head the extra size of post. I think we would have to make it very clear we wouldn't be able to help users who lose there private key. TBH this would be a rather manual process for users as having anything to do with the private key would defeat the point but letting people use it would be helpful.
    • 1
  • Sigg3 8 years ago
    @Ant It would be large, but not to its proper recipient. Since we're talking PM, it wouldn't flood any public channels either. (AFAIK #pgp is the tech and #gpg is an implementation.)
    • 1
  • Ant 8 years ago
    a message pushed through [G|P]GP would end up being quite large you may only be able to get a small message in to a 500 Char's
    like really small
    a sig alone would be quite large compared with the message
    • 2
  • Joe 8 years ago
    Haha ROT14 😀 at least I could encrypt directly in Vim. @sigg3 I can't really see a reason we couldn't add helpers for PGP in to PMs. Realistically we could also add them to general posts to make it easier.
    • 1
  • Ant 8 years ago
    NO ONE EXPECTS ....ROT14 !!
    • 2
  • Bandie 8 years ago
    rot13 encryption!!!!!+#@@
    • 3
  • Sigg3 8 years ago
    Would be nice if we could have #PGP support. Even if it's only a "my public key" page attached to the profile it would help adoption.
    • 3