tom: Can we get rid of passwords already and use public key authentication?
jonas’: I’d be all in, if we hide it from the users :)
kikuchiyo: Wouldn't that require client devs to integrate authentication agents and users to remember longer passphrases?
jonas’: kikuchiyo, no, why? tie the private key to the device.
jonas’: passphrase optional.
jonas’: on mobile OSes, that would be reasonably secure, since apps can’t read each other’s storage
jonas’: (or you can even put it in the OS’s secret vault)
jonas’: breaks down on standard desktop OSes of course, but who uses those anyways.
kikuchiyo: Ok, what does this mean for multiple or lost devices?
jonas’: different private key for each device, obviously
jonas’: because of that, you can revoke access for lost devices easily
jonas’: if you lost all devices, you’ll need an out-of-band recovery mechanism, just as if you lost your password
tom: I strongly disagree
tom: You have strong crypto auth
tom: And then you add a backdoor
tom: It's up to the user not to have a backup key hidden somewhere
jonas’: of course
jonas’: because users are good at that!
tom: And in the worst case they don't, they could go to their hosting provider showing physical ID and having someone who knows them add in a new key
jonas’: which is *exactly* the kind of out-of-band recovery mechanism I’m talking about?
jonas’: what’s your problem then?
tom: I thought you meant automated
tom: > just as if you lost your password
jonas’: of course automated for any non-terrible-UX service
tom: Strongly disagree
jonas’: for terrible-UX-but-high-security services you’d not do that automated obviously.
tom: I'm really tired of having to use software designed for morons
jonas’: sorry to hear
tom: I know what it means to use unbreakable crypto when I turn it on
tom: A lot of companies like to assume their users are stupid and add all kinds of backdoors into the crypto
tom: Calling them recovery
tom: So like you have 2fa, but you can guess someone's pet name or look up their mother's name
tom: And bypass the security
tom: I can auth to IRC servers with a client certificate
tom: Shouldn't that be possible with XMPP as well?
tom: Instead of having to remember passwords
tom: Keeping a bunch of passwords in a database
tom: Take wireguard as an example of doing authentication right and making it simple
tom: https://www.wireguard.com/
jonas’: wireguard is too simple for some use-cases though
jonas’: anything road-warrior-corporate-type for example.
tom: I use it on my laptop
tom: It's perfectly adequate
kikuchiyo: > different private key for each device, obviously
New devices would need to be cross signed from an already known device, yes?
pep.: > jonas’> because of that, you can revoke access for lost devices easily
Because of that, you can race to revoke access for lost devices easily. FTFY
jonas’: ?
pep.: Since the lost device would probably have the same authz
jonas’: kikuchiyo, "signed", or simply one-time authenticated with a "device invite" link
jonas’: pep., removing devices could require a second factor
pep.: And you probably just lost it :/
Martin: Andotp on the lost mobile 😁
pep.: Revocation is annoying
kikuchiyo: > kikuchiyo, "signed", or simply one-time authenticated with a "device invite" link
One-time authentication leads to a race of one-time revocation. How about not revoking a device, but revoking the compromised identity?
pep.: You don't get rid of the race, do you
kikuchiyo: pep.: Since there is no continuity, you would need to reestablish trust for a new one.
pep.: That also means at any time, somebody (with the right authz, e.g., stolen device) can revoke your perfectly valid identities
pep.: (and 2FA on the stolen mobile device, because that's how things work nowadays :p)
kikuchiyo: Which comes down to meeting in real life or using 2fa.
pep.: meeting in real life with whom?
pep.: The server operator?
pep.: (I haven't read the past few days of logs)
kikuchiyo: Those to whom you want to communicate with.
pep.: Assuming you can also still login first
pep.: Password is unchanged, etc.
kikuchiyo: > Assuming you can also still login first
No, assuming that the other party knows you in person and can verify that in real life.
The underlying philosophical problem is: _What is identity_
One answer to that could be: A common history.
pep.: I meant, you might not have access to your account anymore
pep.: In this case surely you can create a new account/identity and get this one acked
pep.: Unless you manage to convince the operator that it's your account
kikuchiyo: pep.: Yes, a compromised account is a compromised virtual identity. So there is nothing left but to refer to a second identity, e.g. the real life identity, to establish new trust.
kikuchiyo: You just need to make sure that the old identity gets revoked completely.
pep.: And I'm saying that's the hard part. First, if you don't control the account anymore, either you need to regain control of it through the operator, or you need to go through all your contacts and revoke it out-of-band (by meeting IRL)
pep.: You don't "just" revoke an identity
Maranda: 🤦🏼♂️
pep.: What is it Maranda, your hand smells nice? :P
Maranda: They smell of disinfectant like everyone's, if they're good children that is, pep.
kikuchiyo: pep.: I know this is not the usual way of thinking about revocation.
> you need to go through all your contacts and revoke it out-of-band (by meeting IRL)
Or by enabling whomever has gained control over the old identity (including yourself) to destroy it and all of the attached keys, but not to initiate a new one without meeting IRL or 2fa.
pep.: Yes, and that person in control of your old identity might have no interest in destroying it :p
pep.: (or it might be exactly their goal: DoS)
kikuchiyo: pep.: One person in control has to be able to hit the kill switch for the identity - that would be you. If the attacker does that, he loses control.
This is like a remote mechanism to dye stolen money.