!GpMMBTUuJduUZAAKXM:matrix.org

OpenPGP/GPG

12 Members
OpenPGP/GnuPG related questions, discussions and  projects | Sharing your public keys | Key Signing (at own risk) | NO NSFW, OFFTOPIC OR OTHER QUESTIONABLE STUFF 6 Servers

Load older messages


Timestamp Message
17 Feb 2019
10:48:17@jonathan:matrix.selea.seJ changed their profile picture.
20 Feb 2019
11:04:21@mirkojankovic:matrix.orgMirkoJankovic joined the room.
4 Mar 2019
15:33:06@pilotmatt:matrix.orgpilotmatt joined the room.
12 Mar 2019
07:15:09@finlaydag33k:matrix.orgfinlaydag33kyou know what would be great... if OpenPGP.JS would finally start supporting hardware keys like the NitroKey and YubiKey...
08:39:12@wiktor:stratum0.orgwiktorThe only way would be you used OpenPGP.js through node that had access to USB ports
08:39:43@wiktor:stratum0.orgwiktorMailvelope uses OpenPGP.js for "easy crypto" but can delegate to GnuPG for paranoid users: https://www.mailvelope.com/en/blog
08:39:51@wiktor:stratum0.orgwiktorthis way you can use hardware keys
08:47:57@finlaydag33k:matrix.orgfinlaydag33k

i think chrome has a usb api in it.
Don't know about Firefox tho.

But being able to use our hardware tokens with openpgp.js would add a big amount of use.

08:48:24@wiktor:stratum0.orgwiktoroh, right, WebUSB, I forgot about this one!
08:48:36@wiktor:stratum0.orgwiktorhttps://wicg.github.io/webusb/
08:49:00@wiktor:stratum0.orgwiktorthat'd be nice to write a proof of concept for that
08:49:38@wiktor:stratum0.orgwiktorOpenKeychain has nice USB hardware token code in Java... in case someone wants to start working on that :)
08:53:25@finlaydag33k:matrix.orgfinlaydag33k Yes, WebUSB could be used for it.
If we could get it working that'd be massive.
Then services like ProtonMail could support hardware keys
09:36:47@wiktor:stratum0.orgwiktorthere was a site somewhere about which standards Mozilla thinks are good or bad, I wonder where would WebUSB be rated there, without their support it's practically dead
09:37:01@wiktor:stratum0.orgwiktor(I've seen some interesting Chrome-only standards being dropped in the past, sadly)
09:37:42@finlaydag33k:matrix.orgfinlaydag33kFirefox has no support rn, only Chrome and Opera do
09:37:53@finlaydag33k:matrix.orgfinlaydag33kapparently WebUSB is still a draft :\
09:38:32@finlaydag33k:matrix.orgfinlaydag33kapparently they don't support it because it's fundamentally flawed
09:38:44@finlaydag33k:matrix.orgfinlaydag33khttps://twitter.com/adambroach/status/969342244653273089
09:38:47@wiktor:stratum0.orgwiktoroh, that's bad
09:39:25@wiktor:stratum0.orgwiktorI remember WebUSB was initially in white-list mode so you could use only hardware that had special "webusb-enabled" flag
09:39:50@wiktor:stratum0.orgwiktorof course nothing did so they switched to black-list and then there was this security flaw with U2F tokens
09:40:06@finlaydag33k:matrix.orgfinlaydag33kye
09:41:17@finlaydag33k:matrix.orgfinlaydag33kI feel like it should be done like browsers access stuff like the location and notification APIs. The user having to give consent to the website. While not fool-proof, it should be something
09:51:40@wiktor:stratum0.orgwiktor or just a browser API for cryptographic tokens... I don't know how it's implemented but in a scdaemon session once you enter pin you can issue all other commands until you do scd reset. So direct USB access could lead to sites being able to access unlocked token. But that said I'd be very glad to see OpenPGP.js integration with tokens, today it's just too darn hard.
18 Mar 2019
08:00:11@blackoutx84:matrix.orgblackoutx84 joined the room.
19 Mar 2019
21:54:24@dgrove:matrix.orgdgrove joined the room.
23:35:23@finlaydag33k:matrix.orgfinlaydag33khttps://social.linux.pizza/@finlaydag33k/101779930272475291
23:35:28@finlaydag33k:matrix.orgfinlaydag33kplace your bets :p
26 Mar 2019
10:06:26@gharbeia:matrix.org@gharbeia:matrix.org joined the room.

There are no newer messages yet.


Back to Room List