Geekish Things

[unixronin]

I successfully added a proof-of-concept implementation of client-to-client encryption over the ICB protocol into ICBM, my threaded Perl ICB client, this evening.  Just because I can, and because I can learn a little doing it.  What makes this a little more challenging is that the ICB protocol is an ASCII protocol with a 255-character packet size limit (before subtracting overhead), and it's not 8-bit clean.  (That's not a major handicap, as it just means adding an extra step to ASCII-armor the ciphertext, but it does reduce transport efficiency.  Then again, I'm probably gaining more efficiency from compressing the plaintext before encryption than I'm losing from armoring the ciphertext.)

I still need to design the key management part of the encryption feature, but I have a little better idea of how I'm going to handle that now.  For obvious reasons, encryption is only supported on private messages.

Comments

[skellington.livejournal.com]

To deal with a man in the middle attack, you either have to go with signed keys, or transfer the keys via a different mechanism. Whee party fun! :-)

[unixronin.livejournal.com]

Yeah, to be properly rigorous about it. I'm thinking it should probably have to be the user's responsibility to obtain a gpg keyid via other means for users you want to be able to exchange encrypted messages with.

I'm not HUGELY concerned about it right now because it's really only an academic exercise anyway.