[Question] How does this work? #126
Comments
|
No. Cryptographically you can think of DIME as PGP (w ECC), but with key lookup/management operations in the protocol (to facilitate transparent automation). Lookups follow a DNS model, ala chaining, only DIME has mechanisms in place to detect when the domain owner tries to publish a fake user key. Key data formats, ciphers, are also tightly defined, to facilitate strict validation and interop. Which is a luxury general purpose formats, with long histories, like OpenPGP don't have. The message format is MIME-llike (the closest allegory being an S/MIME message) to facilitate efficient access. Unlike OpenPGP & S/MIME which are general purpose formats, DIME uses a format specific to email messages. This was done to support efficient access and meta data minimization. The new message format allows a client to validate the signature on a message, without having to download the entire message, so a mobile phone user could, in theory validate a message, and then download the headers, but skip the 100 megabyte cat video. The new message format is also designed to obscure meta data, in a manner similar to TOR. However, it's important to note there is no middle (aka relay, aka mix) node. That's why I say it minimizes meta data. It doesn't eliminate it. Full anonymity can cause problems with sending bounces, and/or spam complaints. (DIME is focused on privacy, note anonymity.) For a user to get full anonymity they need to combine DIME with TOR (or I2P). I suspect this will be a common marriage, which is why I added hooks in the signet (aka public key) data format so domains can advertise their support for access and/or delivery using TOR. The user signet format also supports bootstrapping, whereby it can advertise support for an alternative channel (like bitmessage). It's an ambitious undertaking, and development has been slow, as I've mostly relied on interns to assist me. That's why we have a prototype library... but have lots of work to do before it's production ready. We've made good progress on the server, aka this repo. It's the client lib & gui that are lagging from limited resources. (I can't afford to hire full time, Sr. Programmers like myself to work on it.) We have designs, mockups etc. It''s the lack of Sr C/C++ developer talent that's slowing us down. Only the cross-platform functionality will be in C/C++, something akin to what you get with libgpg. For more details on what can be done, see the spec. It's relatively complete. However there are sections that could use improvement. For example not all of the binary format details are in the spec (but they are documented in the code). |
|
@ladar I would like to contribute to the development of magma and volcano, but I have no coding experience, unfortunately. I do already have a paid account that I use, but I was wondering if there is any other way I can contribute to this project. You mentioned that you cannot afford to hire other programmers. Perhaps myself, and maybe others in my position as well, could help by pledging a monthly donation amount so that we can get the ball rolling. EDIT: Sorry, I just found the donation link at https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=MDVQTEBLPQTZY |
|
@DarkXoa hi... yes the donation link is on the darkmail.info site. I try to keep the keep the community, open source efforts separate from the commercial email service, aka lavabit.com. That said, I should probably add links to the README file, and magma/volcano websites. As for contributing, there is a TON of non technical, and semi technical tasks you could help with. Documentation would be a good place to contribute. There are 100s of pages already, 1000s if you count the technical docs magma.api.pdf ... magma.web.api.pdf for starters. What we need though, is something akin to a system administrator handbook... which shows people how to install, setup and manage a server. The dark mail specs still need work as ell, if your detail oriented, some of the binary formats, etc, need documenting. And all of the specs need work to become formal IETF RFCs. If you have scripting skills, we also need a user friendly INSTALL script. The perl script in the project root is out of date (files have moved, etc). I would like to also setup a more formal release process... aka building binary packages for various distros. The magmadaemon.org and volcanoclient.org websites (and darkmail.info) could use improvements as well. |
|
btw it looks like the mailing list link is not working on darkmail.info as
I just tried to sub and nothing.
…On Fri, Nov 30, 2018 at 3:04 PM Ladar Levison ***@***.***> wrote:
@DarkXoa <https://github.com/DarkXoa> hi... yes the donation link is on
the darkmail.info site. I try to keep the keep the community, open source
efforts separate from the commercial email service, aka lavabit.com. That
said, I should probably add links to the README file, and magma/volcano
websites.
As for contributing, there is a TON of non technical, and semi technical
tasks you could help with. Documentation would be a good place to
contribute. There are 100s of pages already, 1000s if you count the
technical docs magma.api.pdf
<https://github.com/lavabit/magma/raw/develop/dev/docs/magma.api.pdf> ...
magma.web.api.pdf
<https://github.com/lavabit/magma/raw/develop/dev/docs/magma.web.api.pdf>
for starters. What we need though, is something akin to a system
administrator handbook... which shows people how to install, setup and
manage a server. The dark mail specs still need work as ell, if your detail
oriented, some of the binary formats, etc, need documenting. And all of the
specs need work to become formal IETF RFCs.
If you have scripting skills, we also need a user friendly INSTALL script.
The perl script in the project root is out of date (files have moved, etc).
I would like to also setup a more formal release process... aka building
binary packages for various distros.
The magmadaemon.org and volcanoclient.org websites (and darkmail.info)
could use improvements as well.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#126 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ABBYMObrzYNd1T33C0_ttfK7NkLM0cKsks5u0Y9qgaJpZM4YfEZZ>
.
|
|
@webdawg hi... thank you for the report. I discovered the broken mailing list link a week or so ago, and I've been working on getting it up and running again. It seems the Mailchimp account that was associated with the list expired, and even though I recovered the credentials, the service won't let me login/reactivate the account. A colleague was following up, but as of last night I haven't heard anything. |
Ha! More seriously, why don't you run a yearly crowdfunding campaign? I really want to support Darkmail and Lavabit (e.g., financially speaking, you), but before yesterday I didn't even know how I could make you a donation. Besides the Kickstarter, is Lavabit your only source of income? You've got a lot of supporters out there, I suppose we just don't know how we could support you and help you to get more developers. Edit: most people think the project is dead. If I didn't check this repo to see you push some changes, I'd think the servers would magically maintain themselves as well. |
Hi @Wonderboom I'm working on something at the moment, that if all goes smoothly, I'll be able to officially announce next Friday. |
|
@ladar looks like it didn't go smoothly. This is sad to see because this project looked very promising a few years ago. |
|
@yoshimo You should read Ladar's first post. |
|
@yoshimo / @Wonderboom I'm happy to announce our paperwork has finally been filed with the SEC, so I can freely announce/discuss the crowd-equity raise we launched this past weekend. It's just getting started and we probably won't be doing much promotion of it until next week, but please spread the word. The campaign was timed to coincide with my appearance on the latest episode of Meet the Drapers, where I pitched the equity raise. That episode finally hit the airwaves last Saturday. We're still refining our campaign pitch, but you can find it here: And a promo for Meet the Drapers here: I'm still searching for an online version of the entire segment on Meet the Drapers, but haven't found one yet. |
|
congrats with with the well went crowdsourcing @ladar! what we can expect next? |
I've posted this else where (/r/privacy and /r/darkmail) and nobody seems to be able to explain this in simple terms. How does darkmail work? Is it similar to Bitmessage?
The text was updated successfully, but these errors were encountered: