[guardian-dev] RedPhone source code posted

Jonathan Lidesköld jonathan.lideskold at gmail.com
Wed Jul 18 08:25:48 EDT 2012


I know it's already possible to make secure calls even entirely p2p.

What stills seems to be missing is an easy way to do it. I want to use a
public key hash as a phone number and not need anything more, as I said
before.

Maybe we could add that to OSTN some way or another, or we'll make
something new. I don't want it to be messy to set up, take a lot of time to
handle or be difficult. Maybe something over Tor/I2P would work well, but
that's just not something we easily can get most people to use (mostly
setup issues). And the battery issue remains on smartphones.

All the user should have to do is install and run the app/program and enter
a public key hash to call. The receiver just lets it generate a key pair
(or several) on the first run to use as an address/phone number.

The smartphone used to receive the call could be connected to an account on
any public server (or a home server), and DHT could be used to find those
details using that key hash. The caller's server could even be the one
doing the check through DHT for the details of the receiver of the call (to
speed things up and save battery).

The main advantage for using key hash over using an email as the address
for calls is that you can change server and keep the address. Or have
several servers. And DHT can even store a Tor Hidden Service address or an
I2P address.  Or all these things at once. Anything, really.

Actually, we could simply have a bunch of torrent tracker style servers
with no need for accounts, the phone just picks one that's up and running
and has the DHT updated with the latest details for incoming calls. It
would then keep a passive connection to that server. Only the first run of
the app on a smartphone would need connecting to the DHT network directly
(to find these tracker servers), after that it simply connects to known
"phone trackers" and let them do the DHT stuff. You could run your own
server at home too and have that as default for your phone.

Regarding the traffic analyis part: I don't want to have to trust one
single and practically irreplacable server for that.

Maybe I'm going off topic now, but at least it's a bit relevant. :)
What is your thoughts on these things?

- Sent from my tablet

Den 18 jul 2012 02:04 skrev "Nathan of Guardian" <
nathan at guardianproject.info>:
>
> On 07/17/2012 07:54 PM, Jonathan Lidesköld wrote:
> >  Then at least we can drop centralization.
>
> You can drop centralization today by running your own OSTN instance:
>
>
https://guardianproject.info/2012/05/17/build-your-own-open-secure-telephony-network-some-assembly-required/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20120718/3ed17f1a/attachment-0001.htm>


More information about the Guardian-dev mailing list