then, you use the Bitmessage system to encrypt your message so it is readable only by Alice's private key.īut how did you know that BM‐2nTX1KchxgnmHvy9ntCN9r7sgKTraxczzyE is really Alice's address? Maybe someone printed out fake business cards, or hijacked Alice's website to change her address. When you have fetched the key, you quickly verify that its fingerprint matches the one in Alice's address. You make a P2P Bitmessage request to get the public key associated with BM‐2nTX1KchxgnmHvy9ntCN9r7sgKTraxczzyE. Alice advertises her Bitmessage address (e.g., on her business cards, on her public website, etc.) as BM‐2nTX1KchxgnmHvy9ntCN9r7sgKTraxczzyE.
#BITMESSAGE CHANNEL LIST HOW TO#
Thus, there is nothing to verify: when you send a message to user with public key P, you don't need to verify that your recipient's public key is really P, because you have identified your recipient solely by his public key.Īs for how to tell if a public key belongs to a particular real-world entity: you can't, just as you can't easily verify that a particular email address belongs to a particular real-world entity.įor example, you want to send Alice a message. It appears that a user's public key (or, a hash of their public key) is their messaging address. an example address would be: BM‐2nTX1KchxgnmHvy9ntCN9r7sgKTraxczzyE. If the public key can be obtained by the underlying protocol, then it can easily be hashed to verify that it belongs to the intended recipient.
We propose a system where users exchange a hash of a public key that also functions as the user’s address. Since only the actual recipient can successfully decrypt the messages intended for him, all network participants know that if they fail to decrypt the message then the message was not intended for them. Therefore, every network participant tries to decrypt every message passing through the network even if the message was not originally intended for that network participant. Outgoing messages contain no explicit address of the recipient of the message.
0 kommentar(er)
