blob: bc4b5caa5fe86f53b5c248d481ab6c97c3198573 (
plain)
1
2
3
4
5
6
7
8
9
|
* loadLog should verify the hashes (and signatures) in the log, and
refuse to use logs that are not valid proofs of a session.
* Encryption!
* Add random nonce to start message, to avoid replay issues.
(Or perhaps the encryption derives a RSA key in a way that avoids
replay..)
* Network!
* Server!
* gpg key downloading, web of trust checking, prompting
|
