#tlsnotary-chat

so i can prove my address and my qualified teacher status using tlsnotary now :)

it's amazing how utterly clueless government agencies are. they let you download a pdf stating your qualifications. no digital signature, nothing.

beyond bitcoin latest episode worth a listen stefan thomas, codius. talks about a lot of issues that we talk about. i think he might be referring to you at 31 minutes dansmith_btc , although it's a bit mixed up..

well dat key would have been worth billions

it's crucial to the government that they operate in a way that makes sure nothing goes out of its control(i.e., violence)

oakpacific, you mean digital sigs introduce a risk (having to keep it safe)?

waxwing: i mean, if the govt issues you a qualification, and later wants to revoke it, they can do nothing other than changing the key or waiting for your qualification to expire

oakpacific, well they can put an expiration date on the qualification cert. - but, you are right, that is a good point.

but isn't that problem also an existing problem even for let's say, signed paper qualifications?

tlsnotary solves it though, because you audit in real time.

so if the qual is out of date or revoked, it will show up.

just like bank balances in that regard.

good website design: http://codius.org/ . funny they don't use ssl :)

waxwing: signed/stamped paper qualifications is a mess

yes. and tlsnotary solves it :)

i don't think you are going to just show someone a signed piece of paper and be authorized to do something, there is usually a whole bureaucracy in place handling that

you'd be surprised how often in the real world that paper qualifications are just taken at face value.

waxwing: that's because-they check your bio-identification

waxwing: hey i live in the RL :)

not the halls of academe? :)

halls of academe are all over ZKP, IBT, nonlinear quantum computing and so on. Non regulated p2p ecash? Pfffft

for once Koreans may really help with the adoption of a new technology that actually makes sense

https://github.com/codius/codius/wiki/Smart-Ora... - a little bit vaporish ; nicely written but there isn't much meat on the bone.

such bones are good for soup-stews

TLSNotary maybe good for Hearn's proof of passport

makes the case of a TLSNotary sidechain even more appealing

well tlsn just seems like a better implementation of the PoP idea to me; the latter has problems in the lack of challenge-response, which itself is because of how passports were designed.

but for sure it's interesting to compare the two technologies.

as for tlsn-sidechain, uhh, ok ...?

waxwing: the obvious non-ideal attribute for TLSNotary as PoP is the need for a centralized auditor/a bunch of them

oakpacific, i don't think so; if i use tlsn to prove my address, let's say, then the auditor is the person that wants proof. there is no third party (or 4th depending on how you look at it)

just as, if i want to prove my identity using pop i prove it directly to another party without a middleman, right?

waxwing: the thing is, with pop, the check of the validity of the proof doesn't require the proving party to involve

you just, e.g., visit the govt's website

sorry, who visits the gov website? can you walk me through it, i'm vague on the details/forgotten

waxwing: AFAICR, the proving party first generates a ZKP of his passport info using the gov's signing key

yes

now he publishes his proof, and since everyone can access the gov's signing key, they need to bother the proving party no more

right, so he thereby links it to some pseudonymous id he has (eg bitcoin pubkey, let's say)?

yeah i guess so, so a miner could only collect his reward with this additional proof?

not too clear with the details

(wow. crude wti at 76, usdjpy at 114. the dollar is killing everything.)

waxwing: not cny obviously

i think the ideal scenario, as i remember it from discussions with MH, is the challenge-response scenario, e.g. whatever system it is that needs the ID proof issues the user with a token, then he uses NFC on the passport chip and it uses the chall-resp protocol to sign, and generate the ZKP. Or something like that.

then, only that physical passport could have done that. so for voting, for example. of course, this assumes the govt didn't screw up their crypto.

as for example korea or taiwan (i forget which) did famously.

waxwing: ???!!

are you asking about the korea/taiwan statement?

yes

gonna be hard to find it. i'll try.

waxwing: no no need

just, surprised

okay, i guess in RL, govts still deliver important decrees/orders with a representative in person?

oakpacific, https://www.schneier.com/blog/archives/2013/10/...

and now i remember where i heard about it (one of the places): it was that fantastic talk by djb et al on RSA factoring on youtube.

interesting. in the research they scanned every IPv4 address on the internet, and grabbed the pubkey. that is not a particularly difficult thing to do ( a few billion).

waxwing: i knew you went for a diving :)

despite what i said, thanks a lot

well, it was in 2003 so i guess i can forgive them for that

https://www.gov.uk/government/news/bitcoin-lite... are they generally clueless or what?

yeah that's connected to the one i linked yesterday, right

waxwing: yeah, the title sounds suspiciously enthusiastic this time

oakpacific, maybe of interest to you : http://www.securedolphin.com/

waxwing: oh thanks a lot

waxwing: hmmm, i gave access to it without a second thought, time to reflect....

oakpacific, wow that was ... incautious :) i didn't mean to recommend it!

waxwing: yeah, must have been something wrong with me

i do find it quite interesting though. i found that site from seeing this post: https://bitcointalk.org/index.php?topic=831527....

that's quite a first post from a newbie...

fully anonymous, non-native speaker, but not open source code. strange combination.

to me the architecture looks exactly right.

hey waxwing , you seem to spend way more time arguing for sidechain than for tlsnotary :)

too much pumping and not enough pimping?

mostly i got into an argument with this cypherdoc character, that's all. it kind of annoyed me.

i think when people try to refute you, it's already some kind of a compliment, it means he doesn't consider you a troll and worth arguing

https://www.reddit.com/r/Bitcoin/comments/2ld7a... this is a trivial, but rather annoying attack

yeah saw that, but agree it's just basic/obvious.

attacks on desktop wallets more pernicious i guess. at least this clipboard one *can* be avoided.

my daily reminder: msig pubkeys? any feedback on new status bar?

has anyone tried to audit a pdf? if i'm remembering right, it should work ok, except that tlsn will try to open it directly in the browser on the auditee side, but that's just an optics thing i guess.

oops, new status bar

so much stuff, where to begin where to begin

waxwing: it's my understanding that there is no authentication in PGP other than the signature

omg, thanks allah

wtf is this securedolphin guy doing

he uses rc2-40bit-cbc for his symmetric encryption, u kidding me?

the library he uses supports AES

yet he chooses RC2

clueless

oakpacific, where are you seeing the code?

okay, to be fair, it's not 40 bits as i initially thought, the key is actually 256 bits, the code is in the chrome extension directory, it's all js after all

ok so you have to install it or something?

yes, but i got it form chrome store so no linking of account yet

i don't know anything much about RC2 except who its author is. but obv i'm sure you're right that it's a crappy old technology to be using given what's available.

well, 1995-2005 in general was indeed a dry spell for symmetric encryption

oakpacific, how do you get it from chrome store without linking account? do i have to do it on the phone?

waxwing: no why, you just install it, linking the account requires particular operations which you can just ignore

ah, i guess i can just disable the extension

it does request permission to read mail accounts

ah i see, it doesn't get that until you configure it

waxwing: yes

ah yeah. forge was the project i first saw with a complete TLS implementation in a few thousand lines of JS. I am only slightly less amazed than i was when i first saw it.

waxwing: http://www.urbandictionary.com/define.php?term=... so this is real

yeah, cockney vernacular

waxwing: what seems to be most impressive about forge could be the purpose of writing it :)

what are they gonna do next, write a browser with js, and starts it with another?

yeah it's interesting; javascript crypto is a very valid discussion to have. but javascript TLS is rather difficult to understand.

https://github.com/digitalbazaar/forge/issues/162 - interesting. as if RC4 is the only "broken" thing around...

i should tell the guy that it'd probably take him 1 hour to implement RC4 himself.

oakpacific, do you think it's possible he chose RC2 to avoid performance issues with AES?

waxwing: it's for email, saying performance issue sounds like a bit of a joke

well ... attachments maybe?

consider that forge would not be your first choice when it comes to crypto lib

i would say it's more likely cluelessness

and implementing rc2 yourself is really easy

well i don't think that's at issue; he's using forge's rc2, right, so the discussion is why he used that instead of forge's aes (or aes-gcm maybe?)

although it's also possible

that somehow the js engines of the browsers perform better with rc2

attachment seems like a minor issue, e-mail protocols are notorious for their slow transfer of files, any encryption would be much faster

sure, rc2 like rc4 will be enormously faster than aes, whatever the implementation.

waxwing: hmmm....that really depends i should say

ok, well, let's leave it - let's say you're right that there is no performance issue, then it's just stupidity that we can't analyze.

think again it's more like irresponsibility than stupidity, but well, i agree there is no need to go on consider the code overall is not that good

well; i wouldn't dismiss the entire code as bad because of that. i think the overall design, using namecoin with rsa encryption (pgp) and symmetric encryption is, let's say, of interest.

waxwing: right, but....it looks to me like the key-validation is done through a server

key validation maybe? but last question on FAQ suggests it's OK ?

obviously privkeys shouldn't reach the server, but i am thinking of other things, like verifying the key is really in the blockchain

also i don't think making use of the blockchain itself really makes much sense, we still have a Cpof here

wow you're hard to please :) a blockchain is a very different type of object, difficult to see how you could get further away from cpof than using that.