Improving KDEConnect encryption.
Albert Vaca
albertvaka at gmail.com
Sat Mar 7 20:10:29 UTC 2015
Maybe the public keys have to be inside the specific link and not
inside Device then. This is something to consider, taking into account
what other links could need (bluetooth, online connection... are they
going to use key pairs, ssl sockets or something else?).
On Sat, Mar 7, 2015 at 2:04 AM, vineet garg <grgvineet at gmail.com> wrote:
>
>
> On Sat, Mar 7, 2015 at 2:58 PM, Albert Vaca <albertvaka at gmail.com> wrote:
>>
>> On Sat, Mar 7, 2015 at 1:06 AM, vineet garg <grgvineet at gmail.com> wrote:
>> > Hi,
>> >
>> > I have a couple of suggestions on it.
>> > First of all I would like to know how packages are distributed in
>> > kubuntu,
>> > may be we could add a "check for update" button in kubuntu version of
>> > application.
>>
>> No, we don't want to sneak around the distribution's packages manager.
>> I'm actually a bit concerned about you suggesting this, first of all
>> because we should care about every distribution, not only Kubuntu, and
>> second because you say that you don't know how packages are
>> distributed. What distro are you using that package distribution is a
>> new thing for you?
>
>
> I use Kubuntu and use Muon package manager and discover or apt-get to
> install new packages, but I don't know how do we publish packages there.
>
>>
>> >
>> > Or we could provide a link to old version of android application which
>> > does
>> > not support ssl on application page of playstore.
>>
>> This is not user-friendly nor easy to maintain.
>>
>> >
>> > Or the best one is to include "isSSLSupported" in identity package and
>> > have
>> > a separate backend implementation for ssl and normal version, this would
>> > be
>> > little difficult because simple socket can't connect to ssl server
>> > sockets
>> > due to difference in protocols they follow, but it is achievable(May be
>> > we
>> > need a SSLLanLink, SSLanLinkProvider and split Device into two, i.e
>> > normal
>> > Device and SSLDevice).
>> >
>>
>> This is in my opinion the way to go and I don't think it is that
>> difficult. We should be able to have at the same time our current
>> LanLinkProvider and a new SSLLinkProvider (maybe using a different
>> port, so they don't clash). The Device should be completely unaware of
>> the kind of Link that has underneath (that's the entire purpose of
>> abstracting the links), so in no way we should need an SSLDevice.
>
>
> The part I wrote about Device is because current Device class handles public
> key, but we need to handle certificates in SSL, so we need to change that,
> we also need to change pairing callbacks to store certificate instead of
> public keys.
>
>>
>> > I will further dig into it.
>> >
>> > Vineet Garg
>> >
>>
>> Albert
>
>
> Still, I get your point and will sort out this problem and I will include it
> in my GSOC proposal.
>
> Vineet Garg
>
More information about the KDEConnect
mailing list