i2p.i2p-bote
i2p.i2p-bote copied to clipboard
Published
20 hours ago •
i2p
i2p
Half-logged-in (for mail fetching) (Trac #1483)
It would be nice to be able to fetch mails even if the use has password-protected his Bote account and is afk.
str4d, therefore, suggested a state of being "half logged in", as in: the public key is decrypted, thus exposing your identities, while the secret key is not decrypted and thusly emails cannot be decrypted.
from irc: fox@irc2p str4d: has the idea of having a ~/.bote folder with private keys and addrs been thought of?
- fox@irc2p was setting up i2p and realized multi user bote would be so useful str4d@irc2p fox: multi-user Bote would definitely be useful, but impl would be tricky str4d@irc2p If done in same Bote instance, users could read each other's mail and use their identities, if no password set str4d@irc2p (which would need to be the case if auto-checking was to be done) str4d@irc2p But an idea just occurred to me: I wonder if it is possible for I2P-Bote to be in a half-logged-in state, where only the public portion of the EmailIdentities is exposed? str4d@irc2p That might be sufficient to download EmailPackets without unencrypting them. str4d@irc2p and then they could be decrypted when the user next logs in (which would then fire off the deletion packets) user: you couldn't send the deletes then user: you'd send the deletes only when the user actually logs in, giving more information about the actual user behaviour (for mitigating this, see subticket)
Migrated from https://trac.i2p2.de/ticket/1483
{
"status": "assigned",
"changetime": "2017-01-15T14:09:13",
"description": "It would be nice to be able to fetch mails even if the use has password-protected his Bote account and is afk.\n\nstr4d, therefore, suggested a state of being \"half logged in\", as in: the public key is decrypted, thus exposing your identities, while the secret key is not decrypted and thusly emails cannot be decrypted.\n\nfrom irc:\n<fox@irc2p> str4d: has the idea of having a ~/.bote folder with private keys and addrs been thought of?\n* fox@irc2p was setting up i2p and realized multi user bote would be so useful\n<str4d@irc2p> fox: multi-user Bote would definitely be useful, but impl would be tricky\n<str4d@irc2p> If done in same Bote instance, users could read each other's mail and use their identities, if no password set\n<str4d@irc2p> (which would need to be the case if auto-checking was to be done)\n<str4d@irc2p> But an idea just occurred to me: I wonder if it is possible for I2P-Bote to be in a half-logged-in state, where only the public portion of the EmailIdentities is exposed?\n<str4d@irc2p> That might be sufficient to download EmailPackets without unencrypting them.\n<str4d@irc2p> and then they could be decrypted when the user next logs in (which would then fire off the deletion packets)\nuser: you couldn't send the deletes then\nuser: you'd send the deletes only when the user actually logs in, giving more information about the actual user behaviour\n(for mitigating this, see subticket)\n",
"reporter": "user",
"cc": "",
"resolution": "",
"_ts": "1484489353166586",
"component": "apps/plugins",
"summary": "I2P-Bote: half-logged-in (for mail fetching)",
"priority": "maintenance",
"keywords": "I2P-Bote",
"version": "0.9.18",
"parents": "1482",
"time": "2015-03-04T21:22:09",
"milestone": "undecided",
"owner": "str4d",
"type": "enhancement"
}
Trac update at 20150304T21:38:37: user commented:
optional enhancement: choose randomly in which of the following mail fetches the deletes should be sent, just in order to distract a bit more from the actual time the user logged in.
Trac update at 20170115T14:09:13:
- zzz changed owner from "" to "str4d"
- zzz changed status from "new" to "assigned"