[Specs-cx] Encryption

David García david.garcia at tractis.com
Mon Jun 28 08:15:02 UTC 2010


Hi Nat,

in those cases where public keys cannot be used, because parties are not
known yet, maybe using PBE (password based encryption) with random generated
pass could fit this need.
Those passwords could be stored bound to the contract and delivered to the
party after a challenge has been passed (f.ex auth process).

Best regards

Dave

2010/6/25 Nat Sakimura <sakimura at gmail.com>

> I had a talk with Hide yesterday.
> We were talking on how to preserve the privacy of the end user among
> bunch of services.
>
> The agreement we had was that we should encrypt the portion of the
> agreement specific to each server with different symmetric keys, then
> encrypt the symmetric keys with respective server's public key and
> OP's public key.
>
> We are still discussing over the cases where parties are not
> determined at the time of the proposal and disclosing the parties to
> other parties are privacy risk.
> It is a bit challenging.
>
> --
> Nat Sakimura (=nat)
> http://www.sakimura.org/en/
> http://twitter.com/_nat_en
> _______________________________________________
> Specs-cx mailing list
> Specs-cx at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-cx
>



-- 
David Garcia
CTO
Tractis - Online contracts you can enforce
http://www.tractis.com
--
Email: david.garcia at tractis.com
Skype: deiffbcn
Blog: http://blog.negonation.com
Linkedin: http://www.linkedin.com/in/davebcn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-cx/attachments/20100628/b98b477f/attachment.html>


More information about the Specs-cx mailing list