Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Re: Looking for Mozillians for my project
22 views
Skip to first unread message
Svetlana Tkachenko
Nov 10, 2016, 5:58:27 AM11/10/16
to Guido Witmond, mo...@lists.mozilla.org
How does this align with what GNU Ring is now doing?
Svetlana
Svetlana
Guido Witmond
Nov 10, 2016, 3:36:05 PM11/10/16
to mo...@lists.mozilla.org
On 11/10/16 11:57, Svetlana Tkachenko wrote:
> How does this align with what GNU Ring is now doing?
>
> Svetlana
Hi Svetlana,
> How does this align with what GNU Ring is now doing?
>
> Svetlana
Thanks for pointing out Gnu Ring to me. I've been looking for a good
Skype replacement and it looks promising.
There are some differences between Gnu Ring and Eccentric Authentication:
* Gnu Ring is an *application* to make conferening easy, Eccentric is a
*protocol* designed to make signing up at sites easy.
* Gnu Ring offers secure communication between friends, Eccentric is
designed to let strangers meet each other and start communicating securely.
Eccentric Authentication is protocol that is making signing up and
logging in at sites easy. Users can remain anonymous if they want to.
But it doesn't stop there. When a site lets people post signed messages,
and the user agent (browser) verifies these message signatures, the site
becomes effectively a key exchange. Reading messages leads to the
discovery of public keys.
With the help of an external verification service, the agent can protect
its user against many MitM attacks.
The verification service also makes it possible to exchange public keys
by just transmitting the account name. With a site that accepts
encrypted messages from anywhere, one can set up a mail-like platform,
but fully end-to-end encrypted. (including the spam, regrettably). The
sender remains annymous for the site. So no leak of meta data.
But the most interesting property is this: once keys have been exchanged
and verified, two people can exchange encrypted messages. If one user
puts a Tor Hidden Service address in there, the other can connect via
Tor and no one, not even the site know of their communication. At this
point, the site can vanish but people (who've exchanged onion-adressess)
can keep communicating. So it's immune against goverments that want to
block communication by taking sites down succeed only partly.
This protocol thus makes authentiction and communiction decentralised
and secure.
I hope this answers your questions,
With regards,
Guido Witmond.
0 new messages