Re: [off-topic] [tech] talkat

1. Jacob Stewart (jacob.stewart (a) tutamail.com)

>If no client certificate is presented, the server MUST reject the 
connection.>The server and client certificates are intended to identify 
the individual users involved.
What if the server operator wants to operate an anonymous chat?

-- 
Securely sent with Tutanota.
Get your own encrypted, ad-free mailbox atΒ https://tutanota.com.
https://fastmail.fm is not encrypted but has some privacy.
You can search for more providers.

Link to individual message.

2. Chris Brannon (chris (a) the-brannons.com)

Jacob Stewart <jacob.stewart@tutamail.com> writes:

>>If no client certificate is presented, the server MUST reject the
> connection.
>>The server and client certificates are intended to identify the individual
> users involved.
> What if the server operator wants to operate an anonymous chat?

Nothing prevents you from generating a one-time cert, having multiple
pseudonymous certs corresponding to various assumed identities, etc
etc.  With client certs we can have both authentication and
pseudonymity.

-- Chris

Link to individual message.

3. mbays (mbays (a) sdf.org)



> Jacob Stewart <jacob.stewart@tutamail.com> writes:
> 
>>> If no client certificate is presented, the server MUST reject the connection.
>>> The server and client certificates are intended to identify the 
individual users involved.
>> What if the server operator wants to operate an anonymous chat?
> 
> Nothing prevents you from generating a one-time cert, having multiple
> pseudonymous certs corresponding to various assumed identities, etc
> etc.  With client certs we can have both authentication and
> pseudonymity.

Exactly. In the htalkat implementation, you select an identity (or create 
a new one) by using the -d option or HTALKAT_DIR environment variable.

It's also easy to run as a tor hidden service, for additional anonymity.

Link to individual message.

---

Previous Thread: [off-topic] [tech] talkat

Next Thread: Video: Why Gemini?