What kind of security matters

Steven Schear schear.steve at gmail.com
Thu Feb 16 18:46:03 PST 2017 

These key storage and recovery issues are a prime focus of SatochiLabs
Trezor series.
https://doc.satoshilabs.com/trezor-faq/overview.html

Warrant Canary creator

On Feb 16, 2017 6:35 PM, "James A. Donald" <jamesd at echeque.com> wrote:

> On 2/17/2017 11:37 AM, Zenaan Harkness wrote:
>
>> On Fri, Feb 17, 2017 at 10:47:15AM +1000, James A. Donald wrote:
>>
>>> It is unlikely that Trump would manage his own public keys - and he
>>> cannot
>>> trust the white house staff and government security people to manage them
>>> for him.  It is even more unlikely that Podesta would manage his own
>>> public
>>> keys.
>>>
>>
>
> IPSEC was in principle the right approach in so far as "pre-emptive" or
>> opportunistic "link" encryption (i.e., your communication channel, by
>> default - as you say, zero clicks).
>>
>
> Ipsec is not very secure.  What I was thinking of is a global database
> linking phone numbers, email addresses, etc, to public keys with a witness
> mechanism to ensure that every client gets told the same story as to which
> public key is associated with which phone number.
>
> So if your client looks up its own public key by phone number, it sees a
> hash chain connecting that association to the global witness hash, and
> knows that client it is talking to sees the same public key.  Clients
> upload and download public keys at infrequent intervals without human
> intervention.
>
> This works fine with phones, since people assume one phone number per
> physical phone.  Phone forwarding systems are assumed to forward from one
> phone number/physical device to another phone number physical device. Not
> so fine with email addresses. Just have to give people the option
>
> 'Your emails are currently encrypted so that they can only be read on the
> following physical devices ...
>
> "Add current device to list for future emails?"
>
> "Edit list of devices that are empowered to decrypt your email?"
>
> Which interface is likely to confuse and irritate them.
>
> And if you lose or damage the physical device that currently holds all
> your old emails and you have not backed it up recently, thus losing all
> your old emails and the secret key that can decrypt them - that could be
> very handy if an investigation is coming up.
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 3106 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20170216/d287ba88/attachment.txt>

More information about the cypherpunks mailing list