OpenPGP Secret Key Transfer
Werner Koch
wk at gnupg.org
Fri Jun 2 16:27:28 CEST 2017
On Fri, 2 Jun 2017 14:07, look at my.amazin.horse said:
> Desktop and Mobile. We finally came up with a concept based on qr-code
> authenticated TLS-PSK via local network, which I implemented this week:
I briefly looked at the specs which made things more clear to me after
our phone conference.
One immediate problem I see is the use of an arbitrary TCP port. A
common use case for moving keys between devices are meetings. There you
often have the corporate network and a separate guest network which are
physically local but from the topology different networks. Thus the FW
rules won't allow data to pass between them. To a large extent you have
this problem with all peer-to-peer protocols on the Internet (meaning
connected network segments).
Thus I would suggest to use a dedicated near-field protocol like
Bluetooth. Or piggyback your protocol on another protocol which is
known to interconnect devices without problems: VoIP or maybe Signal.
Right, that is more effort on the software side but it avoids lots of
practical problems.
Shalom-Salam,
Werner
--
Thoughts are free. Exceptions are regulated by a federal law.
More information about the Gnupg-devel
mailing list