On Fri, Aug 14, 2015 at 3:00 PM, Trevor Perrin wrote:
> Not a huge deal, usually. But it would be nice if crypto protocols
> like this provided simpler APIs with clearer semantics, particularly
> for the common case of sending a message from keypair A to keypair B.
+1, especially for human-to-
On Thu, Aug 13, 2015 at 9:17 AM, Mansour Moufid wrote:
> Hi everyone,
>
> Is there an alternative to the OpenPGP message format?
>
> There are three problems with OpenPGP, that I understand: metadata; [1]
> format oracles; [2] and difficulty of implementation. [3]
>
> There are many more problems
On Fri, Aug 14, 2015 at 6:07 AM, Simon Josefsson wrote:
> Mansour Moufid writes:
>
> Have you looked at JSON Web Encryption?
>
> https://tools.ietf.org/html/rfc7516
Wow, JWE is almost exactly what I need. I'm going to start with this.
Thanks!
Mansour
On Fri, Aug 14, 2015 at 11:07 AM, Mansour Moufid
wrote:
> Key ID is interesting for another reason: it's an indicator of an
> outdated methodology
KIDs are definitely not an "outdated methodology" for a lot of use cases.
JOSE is a expansive, comprehensive standard that's trying to cover many us
Oops, I didn't "reply to all":
-- Forwarded message --
From: Mansour Moufid
Date: Thu, Aug 13, 2015 at 5:35 PM
Subject: Re: [messaging] alternative to OpenPGP?
To: Daniel Kahn Gillmor
On Thu, Aug 13, 2015 at 2:13 PM, Daniel Kahn Gillmor
wrote:
>> [1] https://medium.com/@nwea
Simon Josefsson writes:
>I forgot to mention XML DigSig/Encryption. It falls into the same category
>as the others.
I'll have to disagree there, I think XML DSig/Enc falls into a category
entirely its own.
Peter :-).
___
Messaging mailing list
Messa
Peter Gutmann writes:
> Simon Josefsson writes:
>
>>Mansour Moufid writes:
>>
>>> Is there an alternative to the OpenPGP message format?
>>
>>Have you looked at JSON Web Encryption?
>>
>>https://tools.ietf.org/html/rfc7516
>
> JWE is... well, it's an alternative in the same way that S/MIME is,
Simon Josefsson writes:
>Mansour Moufid writes:
>
>> Is there an alternative to the OpenPGP message format?
>
>Have you looked at JSON Web Encryption?
>
>https://tools.ietf.org/html/rfc7516
JWE is... well, it's an alternative in the same way that S/MIME is, but all
three formats do more or less
Mansour Moufid writes:
> Hi everyone,
>
> Is there an alternative to the OpenPGP message format?
>
> There are three problems with OpenPGP, that I understand: metadata; [1]
> format oracles; [2] and difficulty of implementation. [3]
>
> There are many more problems[4] but I care about these three
As the author of http://secushare.org/PGP this discussion obviously
attracted my attention... OpenPGP usually comes with SMTP which is
a metadata problem in the first place, so most alternatives are not
about SMTP. Outside of the SMTP+PGP bubble, I assume everybody is rolling
their own thing.. some
10 matches
Mail list logo
