OpenPGP Secret Key Transfer

Werner Koch wk at
Fri Jun 2 16:27:28 CEST 2017

On Fri,  2 Jun 2017 14:07, look at said:

> Desktop and Mobile. We finally came up with a concept based on qr-code
> authenticated TLS-PSK via local network, which I implemented this week:

I briefly looked at the specs which made things more clear to me after
our phone conference.

One immediate problem I see is the use of an arbitrary TCP port.  A
common use case for moving keys between devices are meetings.  There you
often have the corporate network and a separate guest network which are
physically local but from the topology different networks.  Thus the FW
rules won't allow to pass data between them.  To a large extend you have
this problem with all peer-to-peer protocols on the Internet (meaning
connected network segments)

Thus I would suggest to use a dedicated near-field protocol like
Bluetooth.  Or piggyback your protocol on another protocol which is
known to interconnect devices without problems: VoIP or maybe Signal.
Right, that is more effort on the software site but it avoids lots of
practical problems.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: </pipermail/attachments/20170602/44fc4d48/attachment.sig>

More information about the Gnupg-devel mailing list