Communication between plug-ins

Daniel Kraft d at domob.eu
Mon Aug 19 14:04:32 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

On 2013-08-19 18:31, Tomasz Wasilczyk wrote:


wow, that's great news!  Both for my project (since it will be indeed
much easier if OTR is an integral part of Pidgin and the respective
APIs can be provided directly to plugins) and also in general, since I
think OTR is a very important part of Pidgin.  (At least I use OTR
nearly all the time I use Pidgin.)



For the general idea, see [1].  I don't know how much you know about
Namecoin [2], but it is a system based on the Bitcoin technology that
allows everyone to register names and store arbitrary values with
them.  Once registered, names belong to that person and can only be
changed by them any longer, based on a completely decentralised and
censorship-resistant network.

  [1] https://dot-bit.org/forum/viewtopic.php?f=2&t=1045
  [2] https://dot-bit.org/

The current main application is to use that as a decentralised DNS,
but it is also very well suited to store public encryption keys.  For
instance, I own the name "id/daniel", whose value holds some contact
information I want to be public about myself as well as my GPG public
key fingerprint.  See [3] for a website that displays this information
(in the particular case for my name).  (And "id/otr" holds my OTR
fingerprint, which I used
for testing only so far.)  Thus when I meet somebody, I can tell them
to stay in contact via XMPP with OTR, using "id/daniel" (or rather
"id/otr" at the moment).  This is a name they can easily remember, but
they can also be sure that if they retrieve the value stored with it
later, that only I have the power to change it.  Thus if they find a
particular OTR fingerprint there, they can be sure it belongs to me.
(Unless my Namecoin private key was stolen, but if that's the case, my
OTR private key could have equally been compromised in the first place.)

  [3] https://nameid.org/?name=daniel

What my fork to Pidgin-OTR does is to add another (a fourth) option to
the "verify fingerprint" dialog, "Verify with Namecoin".  When this is
selected, the user can enter a Namecoin name they know is owned by
their contact and the code then queries the stored Namecoin value and
marks the fingerprint verified if it matches the value; if not, an
appropriate error message is displayed.

Does this make the plan clearer?  Let me know if I can provide further
details!

Yours,
Daniel

- -- 
http://www.domob.eu/
OpenPGP: 901C 5216 0537 1D2A F071  5A0E 4D94 6EED 04F7 CF52
- --
Done:  Arc-Bar-Cav-Hea-Kni-Ran-Rog-Sam-Tou-Val-Wiz
To go: Mon-Pri
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iQJ8BAEBCgBmBQJSEl4wXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ5MDFDNTIxNjA1MzcxRDJBRjA3MTVBMEU0
RDk0NkVFRDA0RjdDRjUyAAoJEE2Ubu0E989S3G0QAJSR7wpWK18HPbQgmuP4UEfM
0wNyR/oWhEC4n6K6g+BYHnPIj81Gdr8vWsugSSCePUu1K/cDSougKYvOC1DhA475
eliiKAqVAFu6a1JWiasCk9bp9fppsdTqpBfhAPvXXJMwM9WpfieYggaUUASdDlej
uDhttTyGnThKw07eWOr1zuijpzrAqGmeL03/LgkNhchs6SlzI2/A7fYbbrV+7YNN
KREGgoZ8Dg5dbK53H7U1y+YtMC/L74dUTRxx7sRLdPXadwVZRewc+MGK0ve40/y8
O3WqsJF5WW1PLla8ZEsbHpXe6k346xOGC+l/SE38CjLh7Y1a7KQFvvuEpijBh1Jw
V5gAmCyIbbA9Zsjvb4DRI6MmW0iXb15mDSUonmfSmJ6kAHMGmPtjrW0NpEXd4YOK
6YXyUEXwZZm19QXq5/qz/8VVgO3Wru+HXsdVDA6DCIxbi3gB5mwheQ2EuZzcLz9I
3TrjMpxcCj6oxVS6wqPqMRYhsJ/uDwpzTgt9gjw1y6vjKdp0tW8E7RvhoiYMfFzm
hNYUBaeCjnBkn/hJGHftrDh2wuYOxGI12lIFAdey8SLU3SHilkaePa3vkv5JAUnC
Z8cxeNwyBAjJzMpIEP5wIuwDu7z0ISHtv46NvIBkdg+ow7WCFCz0yccGbaxF3Inb
ALbI+2JTe9r+C/uKYPDx
=2DRu
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4112 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://pidgin.im/pipermail/devel/attachments/20130819/096c0a45/attachment.bin>


More information about the Devel mailing list