Are you trying to implement a P2P backend for a forum? What is the reason for needing encryption & signing capability you described (including splitting/joining messages) in a forum app? How would people interface with this forum? Through existing mail/news client or are you providing a web (or desktop) frontend? Does your forum need to receive unsecured messages, and do your forum users have the ability to accept secured messages? Cheers, yc <div class="gmail_quote">On Sun, Dec 27, 2009 at 12:16 AM, Synx <<a href="mailto:plt@synx.us.to">plt@synx.us.to</a>> wrote: <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="im"> Andrew Reilly wrote: > Have you correlated your ideas against Google's "wave"? </div>***YES*** ... okay, not to be inflammatory or anything; I have looked into the various other ways people are working on it. The closest model to my idea is FMS+Freenet. You could, technically, implement everything I said with that. The trouble is it has so much other baggage. I just wanted to focus it down to a file format, and let the network design or methods of transport remain open to the different situations people have. Plus FMS doesn't let you post images, lol. Google Wave seems like it would be similar to what I'm talking about, but unless I miss my guess, that is more propaganda than actual truth. The fact is that Google Wave doesn't have secure signing, doesn't have private end-to-end encryption, and doesn't have a way to refer to other messages and attachments simply by their content hash key. As far as I can tell it's a glorified email program that relies on blind trust in the server authorities to allow you to have an identity at all. The ability to compose messages is somewhat enhanced due to a semi-smart XML format instead of (ugh) MIME, but the average user won't even so much as be asked if they want to sign their messages, much less be led through a sensible system that will ensure all breaches of privacy are their own damn fault and not just ignorance. Thanks for asking, truly, but Google Wave doesn't solve any of the problems I'm concerned with. They even specify the network protocol (XMPP) instead of making a solidly decoupled standard for accessing cataloging and verifying files. I hope that this forum can be transported over Google Wave one day. But it should also work over email, or by hand delivered letters. The only trick is the destination has to decode it in the same manner that the source encodes it, but in between it can pass through many channels, and many untrusted sources, and the absolute worst that could happen is simply failure of delivery. Given the Gnutella network and a PGP program I could manually implement this forum I'm thinking of. It is quite do-able by hand, but I feel that the process of splitting up messages into pieces and generating the tree of signing and encryption necessary to protect the original message, is an ideal task for computers to perform. So I wanted to make a system that is well defined, in terms a computer can understand, to allow us to make use of such practices as secure signing, maximum piece size limits, hash verification, and encryption, with nothing more complicated than the push of a button. <div><div></div><div class="h5">_________________________________________________ For list-related administrative tasks: <a href="http://list.cs.brown.edu/mailman/listinfo/plt-scheme" target="_blank">http://list.cs.brown.edu/mailman/listinfo/plt-scheme</a> </div></div></blockquote></div>