[Freedombox-discuss] Identity UI
Nick M. Daly
nick.m.daly at gmail.com
Sun Jun 24 00:33:25 UTC 2012
On Sat, 23 Jun 2012 10:27:26 +0200, Michiel de Jong <michiel at unhosted.org> wrote:
> On Sat, Jun 23, 2012 at 7:23 AM, Nick M. Daly <nick.m.daly at gmail.com> wrote:
> > So, identity is pretty fundamental to this project. Without identity,
> > privacy is a meaningless concept.
> good point!
> > The FreedomBox identifies a person or group of people through their
> > keys.
> IIUC, that seems to be design choice aimed at power users. You access
> your freedombox from either your laptop, or your phone, or an internet
> cafe, right? That means that you need to configure the key on your
> laptop, then configure it on your phone, and then export it onto a usb
> stick, then put the usb stick in your wallet, take it with you on
> holidays, not lose it, take it into the internet cafe, stick it into
> the computer there, and know how to use it to install use your key on
> this computer at the internet cafe.
Keep two things in mind:
I'm talking about identity management here, not key management. Knowing
somebody else's key and using that on the backend to keep track of other
folks' identities is a very different thing than managing your own key
on any particular device.
Also, regardless of whether we're talking about key or identity
management, we should be able to simplify the UI to help make this
something that's not just a power user thing. The hardest part (in the
UI, to me anyway) is that keys and users are many-to-many related. It
makes for a fairly messy address-book.
When we do tackle key management, the key could exist on the remote box
alone and the user could log into the box, unlocking the key there. If
we don't tie identity to a specific type of key, we could use OTP or OTR
keys instead of GPG keys sometimes, to help mitigate keystorage
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 835 bytes
Desc: not available
More information about the Freedombox-discuss