[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Monotone-devel] Keystore usability -- passphraseless keys, etc.
|
From: |
Nathaniel Smith |
|
Subject: |
[Monotone-devel] Keystore usability -- passphraseless keys, etc. |
|
Date: |
Mon, 19 Feb 2007 16:47:15 -0800 |
|
User-agent: |
Mutt/1.5.13 (2006-08-11) |
A proposal (at http://venge.net/mtn-wiki/KeystoreFiles ):
I think the keystore, ~/.monotone/keys, could be more usable. (And
this is an area where usability is important for security.)
Problems:
* It is not obvious how to find one's public key
* It is not obvious that ~/.monotone/keys/ contains private keys
(recently a very smart person sent me his private key
accidentally...)
* We would like to allow passphrase-less keys, but it should be
obvious when you have such a key
Proposed solution: stick extra tags on the end of files we write to
the keystore. At read time, we can do just like we do now, and just
read whatever files are there and suck out any keypair packets. At
write time, we peek at the key we're going to write, and name the file
like <keyid>-<EXTRASTUFF>, where <EXTRASTUFF> is either "PRIVATE" or
"PRIVATE,NO-PASSPHRASE", so people are always clear on what exactly
they have when they look in the key dir. So I might have
~/.monotone/keys/address@hidden (We could also write out a
pubkey packet for convenience, and stick that in a file with -PUBLIC
stuck on the end.)
Comments?
-- Nathaniel
--
The Universe may / Be as large as they say
But it wouldn't be missed / If it didn't exist.
-- Piet Hein
- [Monotone-devel] Keystore usability -- passphraseless keys, etc.,
Nathaniel Smith <=