I had a mail from a friend who asked some pertinent questions which I thought I’d share.
- why? why not use a Jabber client with OTR encryption (e.g., https://itunes.apple.com/gb/app/chatsecure-encrypted-secure/id464200063?mt=8) or Gibber (Android) or IM+ with its OTR features? http://9to5mac.com/2013/06/21/messenger-app-im-puts-off-the-record-encryption-feature-on-sale/ All these things interoperate with desktop clients as well as mobile clients.
Ease of use and accessibility primarily. Internally the system boils down to binding an address with a UUID and a public key. Whilst coming up with a one off registration for a user-name is a simple enough proposition as all the system does is speak in UUIDs, what you do with that key? How do you “claim” that identity on multiple devices. You rapidly get down to using a password or password variant. I’ve had my mobile phone number for 15 years and it’s survived many devices and computers. The other thing about it, OTR is about anonymity, this isn’t. Many people would say it’s something they like but it does make their life harder. Again, same with user id’s, how do you find people? You have to either ship your name around or bind it with an email address to be found. None of these are an insurmountable problem and one of the things I’ve been thinking about is how you bind something like a phone number with say an email address if we’re less convinced about security around email addresses?
- What networks will it connect to? I’m reluctant to connect to yet one more network. I already have Jabber, Skype, AIM, Google, app.net, Twitter and Facebook.
It’s a fair question, at the moment, ours, as we need to create the tunnel, but notionally the channel messages (the inner encrypted bundle which is just passed through, which we can’t read) could be sent over anything so long as the endpoint knew how to deal with them. That’s an interesting thought actually. Also, app.net, is an interesting idea, I wonder if we could provision the service via them.
- Do I really have to do yet one more merge of all my contacts with some new service?
No, it’s automatically built of the devices address book, another reason phones are nice, if we supported a published directory of people, I don’t see why grabbing your facebook list of contacts wouldn’t be straight forward enough and cross referencing that with our directory.
- Will it be compatible with OTR on the other major networks? If not, I don’t see the compelling driver. If yes, what distinguishes it from the others?
The demonstrable difference is the level of privacy it provides combined with the ease of use. OTR is clever stuff but it’s not the sort of thing that, your friends (well, your friends might being security geeks :)), family and colleagues (hmm, maybe this isn’t such a good tag line). The other thing is the openness of the protocol, it’s ability to be examined by people like you.
- Does it run on its own dedicated servers and such or just piggyback on some other network like AIM? What kind of reliability can I expect?
Some of it has to, directories, keystores, authentication components and SMS gateways but certainly it could be piggybacked on other networks. Reliability wise, the processes themselves are dirt simple. They rely on Amazon (today, insert cloud provider here) to build highly scalable infrastructure components, we’re certainly not going to that ourselves, but we are good at building systems that use highly scalable infrastructure. That is something we know a lot about.
- What PKI will it use? PGP web of trust and key servers? X.509? I’d like to reuse identities that I already have that are already widely published. I’m not that keen on having yet another identity in yet another PKI.
It’s a hybrid, checkout here, here and here. No X.509 Certificates (although we use X.509 for keys, which is really just an ASN.1 representation of a public key) and sign them with their associated UUID and address for simplicities sake. As for identity, it’s not a new identity (it’s a mobile number), but yes, it does live in our PKI.