20 Jan 2004 weasel   » (Master)

It's been a while since I last wrote an entry. In the meantime some things changed, other things didn't.

Over the last year Len (SIrabbi) and I, with the help of several other cpunks, made lots of minor fixes and feature improvements for Mixmaster, and we are close to releasing betas for the upcoming 3.0 version.

Mixminion is making steady progress too, thanks to the great work of Nick (nickm). It appears to be very stable at the moment. A few things are still missing, like the possibility to post and direct reply blocks to Usenet, but it may soon become 0.1.0 (the in theory as good as Mixmaster release).

For users to enjoy end-to-end encrypted messages in mixminion, it needs some form of PKI. Nick thinks that it's probably best to bootstrap off the existing PGP infrastructure so we need a way to read private pgp keys. pgpdump is a nice tool that dumps pgp packets, like pgp private keys. Unfortunately it doesn't dump all secret key parameters if they are encrypted with a passphrase. I intent to hack it to support decrypting encrypted packets, so we could use that.

Fabbione and I have played with packaging SKS, an OpenPGP keyserver implementation, for Debian. It looks quite good, the only missing thing is a compiler that actually builds it right now :) - ocaml had some non-free parts which were removed from the Debian ocaml package. Reimplementations and work arounds are/have been written already, so it should eventually be ready to be uploaded.

In addition to working on Mixminion, nickm and arma are also working on Tor, The Onion Router. This is a low latency anonymity network which will allow you to do very anonymous TCP. Of course I've packaged it for Debian too. Mixminion and Tor packages are currently in the NEW queue, waiting to get processed by the cab^Wftp-masters.

I've done quite some travelling in 2003, which implies I did a lot of keysigning, and it has shown. Jason Harris is running keyring analyses every other week, and my key is quite well connected. Check out http://keyserver.kjsl.com/~jharris/ka/.

While we are at PGP. The keyservers - as you probably know - store all pgp keys that were ever uploaded to the network forever. The keyservers are also more or less in sync with each other. I wonder if anybody has thought of abusing the network as a communications media. Embed your message or file in a PGP key, upload it to the keyservers, and there it is. Mirrored a dozen times all over the world, with no easy way to have it removed. And contrary to Usenet, the message doesn't expire.

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!