Namecoin Local PGP Keyserver

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: Namecoin Local PGP Keyserver

Post by phelix »

prototype here: http://blockchained.com/stuff/namecoin_keyserver.zip

Current features:
* will do exact match lookups on id/
* will download keys from the specified location or from a keyserver
* will proxy normal lookups to a standard keyserver
* works with client and nmcontrol as backend

how to try:
run Namecoin Client (blockchain must be completely downloaded)
launch via: python ./server.py
Thunderbird --> enigmail --> key management --> keyserver --> search for keys
as server enter 127.0.0.1:8083 (default)
then search for e.g. id/domob id/phelix id/jeremy id/greg
you can also search for non id/ keys as usual

:mrgreen:

pondering about a name: namecoin key proxy - nmckeyproxy? namecoin pgp key server - nmcpks?

edited for clarity and extended
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

cassini
Posts: 336
Joined: Sun May 26, 2013 6:36 pm

Re: Namecoin Local PGP Keyserver

Post by cassini »

I'm slowly :oops: starting to see the potential of this decentralized PGP keyserver. It may be able to render external keyservers redundant and thus overcome PGP's design flaw.

There is something in server.py I'm not sure if I understand it correctly, though. It obviously cross-checks the data behind the fingerprint with the file in the url field. It throws an error if there is no fpr field. It does not throw an error if the url field is missing (as in id/phelix). In this case it is as unsafe/centralized as the current PGP system, isn't it?
phelix wrote:Thunderbird --> enigmail --> key management --> keyserver --> search for keys
(Just in case anyone else wants to give it a try and falls in the same trap as I did: Don't forget to click keyserver, otherwise you end up using the search field in the wrong window.)

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: Namecoin Local PGP Keyserver

Post by phelix »

cassini wrote:
I'm slowly :oops: starting to see the potential of this decentralized PGP keyserver. It may be able to render external keyservers redundant and thus overcome PGP's design flaw.

There is something in server.py I'm not sure if I understand it correctly, though. It obviously cross-checks the data behind the fingerprint with the file in the url field. It throws an error if there is no fpr field. It does not throw an error if the url field is missing (as in id/phelix). In this case it is as unsafe/centralized as the current PGP system, isn't it?
Well, it provides a secure fingerprint. If there is a separate key source it tries that first. Actually it does not even verify the key matches the fingerprint as the pgp client does that. :mrgreen:
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: Namecoin Local PGP Keyserver

Post by phelix »

nx.bit - some namecoin stats
nf.bit - shortcut to this forum

Locked