jami
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ring] Future of platform-specific clients?

From: Greg Troxel
Subject: Re: [Ring] Future of platform-specific clients?
Date: Thu, 22 Jun 2017 10:11:42 -0400
User-agent: Gnus/5.130016 (Ma Gnus v0.16) Emacs/24.5 (berkeley-unix) 
Anthony Léonard <address@hidden> writes:

> Hi,
>
>> It does not clearly give a oprotocol spec.
>
> Writing a protocol spec is a task still to be finished but is
> definitely on the todo list. The protocol is not meant to be a 
> “walled garden” ;)

Glad to hear it.  I didn't mean to suggest ring was heading to walled
garden - it's clear from the social context that this isn't true.  Just
that a protocol spec was missing and needed.

One of the things the protocol spec will help with is discussion of the
security model.  I sent an earlier note about a concern with tracking
via the dht.

The other thing that could be discussed is exchange formats for
exporting and importing ring account keys so that people can back them
up and also use the same key on desktop and android, etc.

>> and something RTP/ZRTP-ish to transport the bits.
>
> RTP inside a DTLS channel with Perfect Forward Secrecy encryption and
> peers authenticating each other by their public keys.

I see - so because you have the PK(non-I) already with the peers, you
don't need to play the ZRTP game that would be used to get e2e
confidentiality with regular SIP, and you can just use the peers' keys
and also mix in an ephemeral key to get PFS.  That makes total sense.

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]