I am pleased to announce that the technical standards documentation for blogsig: a message authentication system for Internet forums will be made available on this blog within the next few days. Development on the proof-of-concept remains fast paced, and the standards document appears to be quite a living and breathing thing with modifications being made daily. As regular readers of this blog will know, I have spent a considerable amount of time engineering blogsig – a simple message authentication system for Internet forum posts that augments, rather than replaces ‘stronger’ technologies like PGP.
The blogsig extension enables in-browser verification of posts.
A flow chart documents the validation process from the perspective of the browser plugin.
Today you will notice that I have put up a somewhat simplified flow chart showing how a browser plugin designed to validate blogsigs would go about the verification process. There are some critical parts missing from the chart and it isn’t intended to be an entireley accurate representation.
The project has unfortunately been sitting on the back burner for a month or so due to work and family commitments, but now the specification document is nearing completion and the demonstration code is also not too far off being releasable. Some final decisions on architecture still need to be made as my current system makes use of ECDSA and I’d ultimately like the finished product to use djb’s ED25519. So, stay tuned and I will upload the documents here for all to see and critique.
UPDATE: The flow diagram has been updated to reflect that data is now embedded within the PGP key as a User Attribute, rather than simply being put in the Comments field.
Mike the Crypto Goat 