dat wot plans
Jay R Bolton edited this page Nov 11, 2017 · 4 revisions
Plans for user identity and secure communication channels built on libsodium and integrated with dat. The goal is to add a user layer on top of dat that allows people to send data to each other privately, without doing anything out-of-band. The user identities can span many dats, logs, devices, etc.
This set of modules can be called something like "node-wot" and is only dependent on sodium-universal. It is a similar system to classic PGP, but with updated technology and some simplified bits.
- wot-identity: generate user certs and keys, send simple messages, and sign things; cert revocation and expiration
- wot-keyring: store other users, validate their identity, and view others who validate them (with chains)
- wot-serialize: save and load users and keyrings to/from disk
- wot-session: forward secrecy / group keys
- every user has their own "public profile dat" which contains their cert, pub keys, and any other data
- every user runs a discovery-swarm with the id being the address of their public profile dat. users can join this swarm and send their own public profile dat link to the receiving user
- users can send encrypted dat links to each other or any other arbitrary data, without anything being out-of-band, just through a handful of dats
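The wot-identity and wot-keyring ideas above (self-signed certs with expiration and revocation, and validation through chains of endorsements) as an added sketch, not code from this wiki or the node-wot modules. It assumes Node's built-in Ed25519 in place of sodium-universal so it runs without dependencies; every function name and the JSON cert layout are hypothetical.

```javascript
// Added sketch: function names and the JSON cert layout are hypothetical, not node-wot APIs.
const crypto = require('node:crypto');

const keyOf = (pub) => crypto.createPublicKey({ key: Buffer.from(pub, 'base64'), format: 'der', type: 'spki' });
// Signed bytes carry a tag so a self-signature can never be replayed as an endorsement.
const signedBytes = (tag, c) => Buffer.from(JSON.stringify([tag, c.name, c.pub, c.expires]));
const sign = (tag, c, key) => crypto.sign(null, signedBytes(tag, c), key).toString('base64');
const check = (tag, c, pub, sig) => crypto.verify(null, signedBytes(tag, c), keyOf(pub), Buffer.from(sig, 'base64'));

function makeIdentity(name) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  return { name, pub: publicKey.export({ type: 'spki', format: 'der' }).toString('base64'), privateKey };
}

// Self-signed cert binding a name to a public key until `expires` (ms since epoch).
function issueCert(id, expires) {
  const cert = { name: id.name, pub: id.pub, expires };
  return { ...cert, sig: sign('cert', cert, id.privateKey) };
}

function verifyCert(cert, now, revoked = new Set()) {
  if (revoked.has(cert.pub)) return 'revoked';
  if (now >= cert.expires) return 'expired';
  return check('cert', cert, cert.pub, cert.sig) ? 'valid' : 'bad-signature';
}

// One user vouching for another user's cert.
const endorse = (signer, cert) =>
  ({ by: signer.pub, subject: cert.pub, sig: sign('endorse', cert, signer.privateKey) });

// Keyring lookup: breadth-first search from a key we trust (`root`) to `target`,
// following only endorsements that verify and that point at currently valid certs.
function trustPath(root, target, certs, endorsements, now, revoked = new Set()) {
  const seen = new Set([root]);
  const queue = [[root]];
  while (queue.length) {
    const path = queue.shift();
    const tip = path[path.length - 1];
    if (tip === target) return path;
    for (const e of endorsements) {
      const c = certs.get(e.subject);
      if (e.by !== tip || !c || seen.has(c.pub)) continue;
      if (verifyCert(c, now, revoked) !== 'valid' || !check('endorse', c, e.by, e.sig)) continue;
      seen.add(c.pub);
      queue.push([...path, c.pub]);
    }
  }
  return null;
}
```

`trustPath` returns the chain of public keys from the trusted root to the target, or `null` when any link is expired, revoked, or carries a signature that does not verify.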
to consider:
- epidemic networking for messaging and related ideas around user discovery, cross-network content searching, etc
- users can add additional devices under the same user identity with a device handshake
- each device likely should generate its own set of keys, and all those keys get associated for the user
- every device can back up encrypted secret keys from every other device for the user (lost secret keys are a huge usability hurdle in PGP)
- users can add "untrusted peers", such as cloud hosts, where all their files are encrypted on the device