alternative solutions to open problem : the use of asymmetric cryptography #6
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
would like to open this thread to discuss alternative solutions for the use of asymmetric crypto for prove of ownership.
Starting from an easing of the strictness of preventing someone to claim ownership of a shard he/she/it doesn't own.
Security through obscurity is something that should never be practiced, agreed.
But we are not focusing on security here, but on ease of use.
The same as secret URLS are used for collaboration purposes (online jitsi meeting rooms without authentication, google drive documents, etherpad links, ..) , I would propose using secret trust identifiers in combination of secret trust shards .
So holding a trust shared and the accompanying trust identifier is a proof of ownership as such.
Someone entering a trust shard unwanted is noticed by the network by an automated trust challenge based on info stored within the trust network on the devices currently connected to that network. Comparable with current security practice of notifications when someone is logging in from a new or unknown device or location.
Most probably this still needs an asymmetric function but not in the way as is written out in qr-challenge-response
The text was updated successfully, but these errors were encountered: