 | OpenPGP/GPG | 12 Members |
| OpenPGP/GnuPG related questions, discussions and projects | Sharing your public keys | Key Signing (at own risk) | NO NSFW, OFFTOPIC OR OTHER QUESTIONABLE STUFF | 6 Servers |
| OpenPGP/GPG | 12 Members |
| OpenPGP/GnuPG related questions, discussions and projects | Sharing your public keys | Key Signing (at own risk) | NO NSFW, OFFTOPIC OR OTHER QUESTIONABLE STUFF | 6 Servers |
| Timestamp | Message | |
|---|---|---|
| 17 Feb 2019 | ||
| 10:48:17 |  J changed their profile picture. | |
| 20 Feb 2019 | ||
| 11:04:21 |  MirkoJankovic joined the room. | |
| 4 Mar 2019 | ||
| 15:33:06 |  pilotmatt joined the room. | |
| 12 Mar 2019 | ||
| 07:15:09 |  finlaydag33k | you know what would be great... if OpenPGP.JS would finally start supporting hardware keys like the NitroKey and YubiKey... |
| 08:39:12 |  wiktor | The only way would be you used OpenPGP.js through node that had access to USB ports |
| 08:39:43 | wiktor | Mailvelope uses OpenPGP.js for "easy crypto" but can delegate to GnuPG for paranoid users: https://www.mailvelope.com/en/blog |
| 08:39:51 | wiktor | this way you can use hardware keys |
| 08:47:57 | finlaydag33k | i think chrome has a usb api in it. But being able to use our hardware tokens with openpgp.js would add a big amount of use. |
| 08:48:24 | wiktor | oh, right, WebUSB, I forgot about this one! |
| 08:48:36 | wiktor | https://wicg.github.io/webusb/ |
| 08:49:00 | wiktor | that'd be nice to write a proof of concept for that |
| 08:49:38 | wiktor | OpenKeychain has nice USB hardware token code in Java... in case someone wants to start working on that :) |
| 08:53:25 | finlaydag33k | Yes, WebUSB could be used for it. If we could get it working that'd be massive. Then services like ProtonMail could support hardware keys |
| 09:36:47 | wiktor | there was a site somewhere about which standards Mozilla thinks are good or bad, I wonder where would WebUSB be rated there, without their support it's practically dead |
| 09:37:01 | wiktor | (I've seen some interesting Chrome-only standards being dropped in the past, sadly) |
| 09:37:42 | finlaydag33k | Firefox has no support rn, only Chrome and Opera do |
| 09:37:53 | finlaydag33k | apparently WebUSB is still a draft :\ |
| 09:38:32 | finlaydag33k | apparently they don't support it because it's fundamentally flawed |
| 09:38:44 | finlaydag33k | https://twitter.com/adambroach/status/969342244653273089 |
| 09:38:47 | wiktor | oh, that's bad |
| 09:39:25 | wiktor | I remember WebUSB was initially in white-list mode so you could use only hardware that had special "webusb-enabled" flag |
| 09:39:50 | wiktor | of course nothing did so they switched to black-list and then there was this security flaw with U2F tokens |
| 09:40:06 | finlaydag33k | ye |
| 09:41:17 | finlaydag33k | I feel like it should be done like browsers access stuff like the location and notification APIs. The user having to give consent to the website. While not fool-proof, it should be something |
| 09:51:40 | wiktor | or just a browser API for cryptographic tokens... I don't know how it's implemented but in a scdaemon session once you enter pin you can issue all other commands until you do scd reset. So direct USB access could lead to sites being able to access unlocked token. But that said I'd be very glad to see OpenPGP.js integration with tokens, today it's just too darn hard. |
| 18 Mar 2019 | ||
| 08:00:11 |  blackoutx84 joined the room. | |
| 19 Mar 2019 | ||
| 21:54:24 |  dgrove joined the room. | |
| 23:35:23 | finlaydag33k | https://social.linux.pizza/@finlaydag33k/101779930272475291 |
| 23:35:28 | finlaydag33k | place your bets :p |
| 26 Mar 2019 | ||
| 10:06:26 |  @gharbeia:matrix.org joined the room. | |