Does Public Key Infrastructure also work in the dark net such as Tor/Freenet?

If there is a root CA, how can decentralization be real?

@Acer because you still the one who generate the CA and sent it to some ca issuer that could vouch for your ca.

@deesapoetra

generate the ca or generate the cert?
Central Authority should not be the person await trust
Certificate should be generate by the central Authority not the user.

> Issuer can vouch your...
Isn't issuer the pki?

@Acer ah yes i must mixing thing up a bit.
I always refer certificate as "CA".
Central Authority is just them vouching for your key

@deesapoetra

Look at my original question.
I knew they might be able to vouch people's public key.
My question is how.

@Acer well. I can put my public key fp and then upload my photos later with me mentioning it on a paper.
That's one way.

@deesapoetra

What is fp

The keypoint here seems to be the paper.
Why not just mention public key in the paper

@Acer well. Because fingerprint are unique. You can't generate a key with same fingerprints twice and that i think is enough for a method of proof.

Follow

@deesapoetra

But that's need to vouch for fingerprint first instead of public key

If you can do fingerprint vouch first, basically you needn't pki

@Acer
You still need it if your key meant to be used as your main way to connect with people.
Are you satisfied with only one people trusting you ? Are people gonna think the same as you ?
And that's why PKI makes everything easier.

@deesapoetra

you can just use your key with your fingerprint
You public key can be public without pki

Pki makes things easier possibly not due to fingerprint

@Acer
> you can...
...without pki.

Yes you can always do that. but wouldn't it also serve the same purpose as using PKI too? I mean both way you upload you key fp or public key content anyway.

> PKI makes things easier...
... Fingerprint.

Yes. It make things such as vouching became so much easier.

@deesapoetra

Upload fp might not be the standard way.
Pki can t vauch fp more easily than to vauch key

@Acer well. Since you upload your key to a key server, your need to share your key to someone is not an issue. They can always pull it from the server.

And instead of uploading your public key to your social media as a method of proof that you own the key after putting it on keyserver.
You can just wrote your fingerprints and took photos with you holding it.
It's just convinient. Since you can't generate a key with the same fingerprints twice (if it did met current standard).

@Acer ofc! The key point is trust (if you only exchange your key to one person only) and WOT.

@deesapoetra

key concept is trust.
But I need more on protocol rather than concept

@Acer you can't have a fixed protocol for an asymetrical encryption, it always change as computing power became buffed overtime, at least that's what current limitation for asymetrical encryption. (Well maybe because it's asymetrical in the first place?)

@deesapoetra

nope
pk cert

but web widely using pki

If you look at cert of websites like twitter or amazon

@deesapoetra

But they didn't write fp paper and do upload fp things

@Acer I thought we still talks about PKI vouching in asymetrical encryption.
Pardon me then. When it comes to web encryprion, they used both asymetric and symetrical encryption.

@Acer in ssl context. You can always generate your own ssl key and then issue them to a ssl certification company Or you can have them generate it and get automatically cerified.

Have you visited nanochan? Their whole networks used ssl but they didn't issue their key to certs company.
Their web is one the example how ssl key and certs can be fully generated without issuer.
But again how can you be so sure if it's not some malicious who trying to take over their site when they also generate and sign their own certificate.
And that's where ssl company comes in handy.

@deesapoetra

They are examples for using pki
Though they also apply other encryptions

Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.