::scr tales from the crypto

Richard Clamp scr@thegestalt.org
Fri, 19 Apr 2002 21:05:03 +0100


On Fri, Apr 19, 2002 at 07:39:52PM +0100, Alex Robinson wrote:
> [All of Matt's message zapped so as to convince the signal/noise 
> fascists that this is a 'good' mail]

\/\/

If I have to explain that quoting is fine but squillions of one-line
responses on an argument that nobody can win isn't then I may have to
scream and scream until I'm sick.

> Is this idea of key servers mad, impossible to implement or already 
> in existence?

The idea of key servers certainly exists.
http://www.keyserver.net/en/

With some slight modification all that you imagine could be done
works already.  Changes are:

+ 0.0 Sender looks up the recipients public key id.
+ 0.1 Sender adds it to their local keyring
+     gpg --recv-key $keyid
+ 0.2 select to encrypt the message you're sending
+     (in mutt p e, on the where-you-hit-y-to-send screen)

> 1. Sender hits "send message"
- > 2. Client looks up address and contacts relevant server
- > 3. Server passes back public key
- > 4. Client encrypts message

+ 4 Client shells out to gpg, to encrypt the message.

> 5. Client sends message to server
> 6. Server passes message to recipient
> 7. Recipient decrypts message with private key

Of course all this depends on the first step of people registering
their keys with keyserver.net, or at least passing around their public
keys in some way which pleases them.

I'm sure step 0 can be made smoother, with a quick script or two, but
that's an exercise for anyone who cares enough.

-- 
Richard Clamp <richardc@unixbeard.net>