doing the notary in an ethereum contract is not doable, but the proof verification could be done - or at least this is what I am trying to achieve
anyway I am having troubles to set up my notary server, I need to get it another try, because the req limiter of your aws server wouldn't work for oraclize
anyway my current approach would be just to send a proof hash back to the contract and to push the complete pgsg file on ipfs, but I would like to optionally send the full pgsg back to the contract so that we can have the verification on chain
simplifying pgsg to be less resource demanding would help a lot, but doing the RSA verification is still quite heavy I guess
given the case of oraclize there is no need to keep the pgsg file confidential hence sharing it on ifps would just make sense to me - and would be ~ the same that pushing it to ethereum other than for the cost and the context
belcher joined the channel
proslogion has quit
belcher has quit
waxwing
china behind protonmail i wonder? </tinfoil>
proslogion joined the channel
proslogion
bertani: u using Amazon AWS for the notary server as well?
waxwing: reason for the suspicion
?
waxwing
well it was a thought i had after reading their blog post
they described two levels of attack, one they thought might be state sponsored
no idea. the only thing that comes strongly to mind, is: they fail at security, they use a central point of failure, they pay out ransoms and they want their users to give them more money? ffs
waxwing: yeah, but...the technical branch of Chinese government, is nowhere near as stupid :)
waxwing
compared to? i don't get the context
proslogion
the protonmail people
waxwing
well, sure. why do you mention it though?
to clarify, i don't get why "but the tech. branch of Ch. gov. is not as stupid as protonmail" is an interesting observation in this context
proslogion
oops sorry, i thought by "china behind protonmail" you meant the protonmail people are just Chinese puppets or something
since...may be by coincidence, all the 3 founders are chinese :)
waxwing
ah, got it. no, i meant 'protonmail attack' not 'protonmail'. sorry.
so it took down the ISP. it suits everyone to say 'state sponsored actors'.
if it was just some botnet monkeys the ISP looks stupid.
proslogion
waxwing: well, in which case, knowing the CCP, their interest in surveillance goes as far as those have a possibility of organizing a collective action of some sort in mainland china, so the most likely course of action for them would be just to GFW protonmail and be done with it
also it's not like gmail emails are any less accessible to them than protonmail's, so if you can get over the wall, i don't really know the difference
sorry more accessible*
waxwing
proslogion: is there still some kind of tor based mail service somewhere i wonder?
i guess i mean hidden service based
proslogion
tutanota is one, i am not too sure about the HS aspect, but i mentioned here a lot time ago their encryption is unauthenticated
in any case, this is a dire warning to all of us: relying on any single server for messaging is really not a good idea
waxwing
i'm thinking specifically of anonymity, so i'm not really interested in the encryption aspect (there's gpg which is fine)
proslogion: indeed.
btw belcher is currently working on multi-IRC. I was setting up subspace yesterday for research, but may put it on the back burner.
proslogion
waxwing: well ir's just a vote of no confidence somehow, since i found this after reading their code for half an hour, i don't believe they really know what they were doing
waxwing
as for pagesigner. ...
proslogion: yeah i'm not actually interested in these 'encrypted mail services'. what is needed is anonymity of some sort. encryption is easy.
proslogion
if you are talking about JM...the most difficult part is actually being real-time, or you can just use good old thrown-away email address+encrypted email
imo
waxwing
no, not JM. actually can't see how that would be relevant?
proslogion
people can ddos cyberguerilla e.g
waxwing
just talking about messaging/email without orwellian surveillance
proslogion: hence we are looking at multi IRC server and subspace as I just mentioned
proslogion
yeah just explaining why it's relevant to it
waxwing
oh ok. i think we're on the same page. two different things (avoiding one server and getting anonymity), but both relevant questions
so back to my original Q about that, there is no "tormail" any more?
proslogion has quit
proslogion joined the channel
proslogion
waxwing: well, there almost certainly are, tutanota e.g. can be considered one, but i don't see their merits
re: cryptostorm " injecting corrupted data into realtime network traffic to cause permanent, nearly-irreversible infections in the computers of those targeted" when you don't use authenticated encryption? or is it TLS stack handshake message injection buffer overflow?
waxwing
that's what i meant by possible BS, my BS alarm was ringing there :)