[tor-talk] Confidant Mail

Mike Ingle mike at confidantmail.org
Tue Feb 3 19:33:24 UTC 2015


On 2/3/2015 10:31 AM, Kevin wrote:
> On 2/3/2015 12:33 PM, krishna e bera wrote:
>> On 15-02-02 09:57 PM, Mike Ingle wrote:
>>> http://www.confidantmail.org
>>> Mike Ingle <mike at confidantmail.org>
>>> d2b89e6f95e72e26e0c917d02d1847dfecfcd0c2
>> I am curious why someone delivering security and privacy software does
>> not have HTTPS on their webserver.  Also what is that string after your
>> email address for?
>>
> That string looks like a key
>

That string is indeed a key. The format is Name <email> keyid and you
can search for either the name or the keyid to find someone's key. If
you search for the keyid, you know you have the right key. If you search
for the name, you have to verify the keyid somehow.

I don't have HTTPS because there is nothing secret on the site, and
because I don't place much trust in it. The keyid in the announce
posting has signed the code signing key, and the code signing key has
signed all the binaries, so you can validate the code integrity.

On 2/3/2015 9:26 AM, Steve Weis wrote:
> Why are the Confidant Mail PGP key, binaries, and signatures all
> served over http?
>
> Skimming over the code, it lacks any documentation or tests. I see 
> blocks of commented-out code scattered through the files. I also see a 
> lot of potentially unsafe input being concatenated together and used 
> throughout the code.
>
> I recommend that you warn people not to use this software for anything 
> real yet. It needs a lot of work.

The commented-out code is mostly debug output and some test drivers.
There was another separate test driver which is not part of the release.
I left that in for now in case I need to test something; it will be
removed eventually. The code has been tested quite a bit on Windows and
Linux, including Tor and I2P.

The program is written in Python, which is an interpreted language with
counted strings, so concatenating strings is not a dangerous operation.
There are functions to validate the blocks using regular expressions.
There is also an option to open untrusted messages text-only.

The security is done using GPG, not in the Python code. The client also
does not accept incoming connections. It's already being used to
exchange large files and works fine. Yes, it is beta software, but it is
already more secure than most conventional email.

MacOS binary package is close to working.

Mike Ingle <mike at confidantmail.org> 
d2b89e6f95e72e26e0c917d02d1847dfecfcd0c2
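
The lookup rule described in this message (a name search needs a separate keyid check, a keyid search does not), as an added example that is not part of the original post or of Confidant Mail's code. It assumes the 40-hex keyid is the key's OpenPGP fingerprint; the key listing is constructed in the `gpg --with-colons` record layout and the function names are hypothetical.

```python
import re
# Assumption: the "keyid" is the full 40-hex-digit OpenPGP v4 fingerprint.
IDENTITY_RE = re.compile(r"^(?P<name>.+?)\s*<(?P<email>[^<>]+)>\s*(?P<keyid>[0-9A-Fa-f]{40})$")

# Identity line as posted on this page (the list archive wrote "@" as " at ").
PAGE_IDENTITY = "Mike Ingle <mike at confidantmail.org>\nd2b89e6f95e72e26e0c917d02d1847dfecfcd0c2"
# Constructed sample, not real gpg output: two primary keys share one user ID.
SAMPLE_LISTING = """\
pub:-:::2D1847DFECFCD0C2:
fpr:::::::::D2B89E6F95E72E26E0C917D02D1847DFECFCD0C2:
uid:::::::::Mike Ingle <mike at confidantmail.org>:
sub:-:::AAAAAAAAAAAAAAAA:
fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:
pub:-:::89ABCDEF01234567:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:::::::::Mike Ingle <mike at confidantmail.org>:
"""

def parse_identity(line):
    """Split 'Name <email> keyid' into (name, email, KEYID); raise otherwise."""
    m = IDENTITY_RE.match(" ".join(line.split()))
    if m is None:
        raise ValueError("not in 'Name <email> keyid' form")
    return m["name"], m["email"], m["keyid"].upper()

def primary_keys(listing):
    """Return [{'fpr': ..., 'uids': [...]}] for each primary key in the listing."""
    keys, want_fpr = [], False
    for rec in listing.splitlines():
        f = rec.split(":")
        if f[0] == "pub":
            keys.append({"fpr": None, "uids": []})
            want_fpr = True
        elif f[0] == "sub":
            want_fpr = False  # the fpr record after a sub is the subkey's
        elif f[0] == "fpr" and want_fpr and len(f) > 9:
            keys[-1]["fpr"], want_fpr = f[9].upper(), False
        elif f[0] == "uid" and keys and len(f) > 9:
            keys[-1]["uids"].append(f[9])
    return keys

def select_key(identity_line, listing):
    """Pick the one key whose fingerprint equals the keyid; the name is ignored."""
    _, _, keyid = parse_identity(identity_line)
    hits = [k for k in primary_keys(listing) if k["fpr"] == keyid]
    if len(hits) != 1:
        raise LookupError("no unique key with fingerprint " + keyid)
    return hits[0]
```

Both sample keys carry the same user ID, so matching on the name alone cannot tell them apart; `select_key` accepts only the key whose primary fingerprint equals the posted keyid.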
