Re: [Tails-dev] Suggestion: Determistic key generation optio…

Supprimer ce message

Répondre à ce message
Auteur: sajolida
Date:  
À: The Tails public development discussion list
Sujet: Re: [Tails-dev] Suggestion: Determistic key generation option for completely read-only systems
Sebastian Nielsen:
> I have a suggestion for tails, that will make it more useful for the masses,
> and still having it completely read-only.


Hi Sebastian!

Thanks for taking the time to make suggestions on how to improve Tails
for the masses. That's what we want :)

> But the main advantage is that you don’t need to store anything. Even if
> your Tails installation media is seized, nothing can happen. You have your
> password, thats all that is needed to recreate ”your” installation of Tails.


Other consequences:

- Two people using the same password would have the same cryptographic
key. Unfortunately, different people use the same password all the
time.

To have secure (unique) seeds you would have to imposed something very
long that people wouldn't be able to memorize. See the seeds in
Electrum for example.

- You wouldn't be able to destroy your cryptographic key or revoke it.

Plus, ask s7r pointed out, this might not really work for OpenPGP.

This seed scheme might be useful in some cryptographic applications
(like Electrum) but unfortunately, I don't think it's would work for all
the crypto used in Tails.

--
sajolida