💾 Archived View for bbs.geminispace.org › u › flipperzero › 18653 captured on 2024-08-31 at 15:58:22. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Re: "How many of you actively use misfin? I have been tempted..."
@pollux it gives you instruction as to what type of key is required, there is no specific key, save that the format be in base32. that means you have to generate a key using an encryption method which would be able to provide you with a base32 key file. Once you have that base32 key file, it should stand to reason that if you open the key file in a text editor that from copy/pasting that key's metadata into that field should provide you a way to decrypt.
That key is for your encrypted gembox, it doesn't mean that it's a key a specific message specifically requires similar to that of PGP, although conversely as well as similar to PGP this key secures your mailbox. I hope this helps.
Jul 18 · 6 weeks ago
😎 flipperzero · Jul 18 at 19:37:
@gemalaya does that sound about right or n0h hell n0h wtf am i talking about please let me know cipres thank you
@flipperzero. Ah, ok. Now I understand! :-) Thanks for the information.
For key generation I first tried with argon2id and base32 but this was invalid, so I ended up using openssl rand 32 | base32.
i think you need to do what you want the environment to be. so you think misfin is a good idea? have a misfin address.
what i do with xmpp is, i have no other way of communication, so i ask people to have an xmpp address and client. i help them to setup the clients.
then when two of my friends meet and i introduce them to each other, i tell them - you know you can also use xmpp to message each other.
some choose something else they have, like facebook messenger or telegram. but some indeed start to use only xmpp with those contacts.
xmpp also helps because there is also public life. i add people to chats and they don't feel isolated.
what i meant is that once you have misfin, and a couple of your friends have misfin, you can tell them they can use it when writing to each other.
@pollux @flipperzero Regarding encrypted gemboxes, here's how it works .. When you activate encryption on your account, the server generates an elliptic curve (curve25519) keypair. The public key is kept on the server, and the private key is communicated to you only, encoded as a base32 string (you'll need to send the key via a gemini input req, that's why base32 is used here). Then, every message you receive is encrypted for that public key. To decrypt the messages, from the inbox you send the base32 privkey. The server keeps the pk in a memory vault for a few mins, and each time you access the inbox it prolongs the pk's lifetime in the vault.
@pollux An encryption key is automatically generated for all new accounts and shown on the register success page, but since you created your account before the update that introduced encryption, you have no key yet. You just need to go in the settings, and then activate encryption, and after that you'll see a link to change the encryption key. Click that link and store the base32 privkey in a file. After that all incoming messages will be encrypted on the server.
@gemalaya Thanks for the info, much appreciated.
@pollux I'll send you a message once you've enabled encryption. When an encrypted message is in your inbox and no privkey was set yet, you'll see a "Message with ID ... is encrypted" label for the message.
@gemalaya It says: Message with ID 3 is encrypted or has an invalid status. I had set a decryption key earlier with 'openssl rand 32 | base32'. How should I proceed?
@pollux That's not how it works ^_^, you have to input the private key that was given to you when you enabled encryption (the base32 string). Did you save it ? You don't have to generate anything with openssl.
@pollux In the settings when you click "Change encryption key", it will say "Your encryption key was changed, here is your private mailbox encryption key" and below that there's the base32-encoded key. THAT is the key you need to input when you click on the "Decrypt messages (set decryption key)" link in the homepage.
@gemalaya I did that a while ago, but now I have a new one from the site and saved it. I wanted to reply, via misfin, to you, but it currently times out.
@pollux Just sent you a message. You can also send a message to yourself to check that decryption works.
@gemalaya I can not open the messages, because they are not clickable and say:
Message with ID 4 is encrypted or has an invalid status.
Message with ID 3 is encrypted or has an invalid status.
@gemalaya Never mind ... Decrypted your message and replied. :-)
@pollux Got your (correct) reply, proof that you could decrypt the question .. Authentication with x509 certificates, (fast) at rest message encryption, text only (gemtext) payloads, gemini interface. What else does one need for electronic mail ...
@gemalaya Maybe a Cc: Field would be nice, to allow people to send to multiple recipients.
@gemalaya I now have some problems. I regularly receive an encrypted message and when I try to decrypt it it is gone.
@pollux Not sure what you mean by that. What do you mean by "it is gone" ? What do you see in the messages list before and after you click "decrypt messages" and send the key ?
@gemalaya before I decrypt I always see this:
Message with ID 3 is encrypted or has an invalid status. And when decrypting, the message goes away, so that I can't see its content. Now I disabled encryption and saw your message.
@pollux Please post a screencast somewhere that shows the problem. If by "goes away" you mean, before sending the key there are 4 messages in the inbox, and after decrypting there are only 2 or 3 messages, that means some messages can't be decrypted with the key you sent. Remember that you've changed your key once and therefore the messages you've received for the first key can't be decrypted now if you didn't store the key, so they won't be in the list once you send a key.
I use encryption on my hashnix account, no issue yet.
@gemalaya I can't get rid of "Message with ID 3 is encrypted or has an invalid status." This message #3 comes again after a while, when decrypting my inbox, but shows nothing when decrypting. Your message #4 is no problem, or other messages that may follow. Sorry for providing no screencast, because I do not have such software.
@pollux All of this is normal: message #3 was encrypted for another key (the previous key, that you didn't save, right ?). Since you've changed keys now, you can't decrypt msg #3, that message can't be read (unless you recover the prev key). Subsequent messages, starting with message #4, were encoded for the new key, and so once you call "decrypt messages" with that key, you're able to decrypt all messages starting from #4. So you can ignore these "is encrypted or has an invalid status" text messages, they're just there to make it clear that there are encrypted messages in your gembox. I hope I explained it correctly.
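Added example (not part of the thread and not misfin's own code): why a well-formed base32 string is not enough, following the comments above on the server-generated curve25519 keypair and on message #3. It derives the public key from a base32 private key with a pure-Python X25519 and compares it with the key each message was encrypted for; the per-message public-key tag, the sample keys and all function names are assumptions for illustration, and the message encryption itself is not reproduced.

```python
import base64, hashlib

P, A24 = 2**255 - 19, 121665
BASE_POINT = (9).to_bytes(32, "little")

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 X25519 ladder (not constant-time; illustration only)."""
    kb = bytearray(k)
    kb[0] &= 248
    kb[31] = (kb[31] & 127) | 64          # clamp the scalar as RFC 7748 requires
    n = int.from_bytes(kb, "little")
    x1 = int.from_bytes(u, "little") % 2**255
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def public_from_b32(priv_b32: str) -> bytes:
    """Decode a base32 private key string and derive its curve25519 public key."""
    raw = base64.b32decode(priv_b32.strip())
    if len(raw) != 32:
        raise ValueError("key must decode to exactly 32 bytes")
    return x25519(raw, BASE_POINT)

def readable(priv_b32: str, inbox: dict) -> dict:
    """Map message id -> True if the message was encrypted for this key."""
    pub = public_from_b32(priv_b32)
    return {mid: pub == msg_pub for mid, msg_pub in inbox.items()}

def b32key(label: bytes) -> str:
    # Constructed sample keys: deterministic stand-ins for random 32-byte keys.
    return base64.b32encode(hashlib.sha256(label).digest()).decode()

OLD_KEY = b32key(b"first server-issued key, never saved")
NEW_KEY = b32key(b"key issued by 'Change encryption key'")
SELF_MADE = b32key(b"stand-in for: openssl rand 32 | base32")
# Hypothetical inbox: message id -> public key the message was encrypted for.
INBOX = {3: public_from_b32(OLD_KEY), 4: public_from_b32(NEW_KEY)}
print(readable(NEW_KEY, INBOX), readable(SELF_MADE, INBOX))
```

All three strings pass base32 decoding and the length check, so format validation alone cannot tell the mailbox key from a self-generated one; only the derived public key does.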
@gemalaya Ok, thanks, but it is a bit annoying that I can't get rid of that particular message #3.
@pollux You should be able to delete it by going to this URL:
— hashnix.club:1958/msg/3/delete
With automatic confirmation:
— hashnix.club:1958/msg/3/delete?YES
@gemalaya It does not work, it says message not found, while it is still there. :-(
@gemalaya when I fetch my inbox messages it says that message #3 is from < invalid@misfin.org
: invalid@misfin.org
@ 2024-07-26T09:27:28Z
@pollux Ok. Well please ignore it for now, it's really unimportant. Next update will fix this (deletion of messages regardless of status).
@pollux Yes, when it cannot decrypt a message, the gembox reader yields a message with status 4:
— https://gitlab.com/cipres/misfin/-/blob/master/misfin/letter.py?ref_type=heads#L514
Pushing a change soon that lets you delete those messages from the inbox.
Thanks!
@pollux Pushed the changes, won't be available until there's an upgrade on hashnix.
@gemalaya No problem.
How many of you actively use misfin? I have been tempted to make a personal misfin server for a while, but keep stopping short of starting because I end up fearing that few enough folks use it. Would be nice to use it to reply to gemlog posts rather than relying on email.