JohnPlanetary closed 5 years ago
That would be great!
For MacOS, there is https://github.com/JayBrown/minisign-misc
I made a small interface for the main functions last night. I was learning some basic Python and it could make a nice little project for my free time. Feel free to test it out; it doesn't look pretty but it works okay:
I guess Minisign was not designed for normal Microsoft Windows users, like me, since it uses the command line. At least for dumb Microsoft Windows users like me (and OSX users), it would be nice for Minisign to have a good GUI interface. Bring it to the general public, so simple that even your grandmother could use it, but also with the advanced options that more advanced users may want.
It should allow users to do all the operations that are possible on the GUI interface. Also allow the "import" (other people's public keys) and "export" (user's own public key) features, into the same folder.
It should be easy for normal users to just drop file(s) / folder(s) and select to either sign everything with the user's chosen public key / verify everything, displaying the different files per "local database" public key, and maybe also displaying the signed files whose keys are currently unknown. Also display anything else like the version used (Ed25519/Blake2b-512), untrusted comments, trusted comments, timestamp, and anything else, like whether it is valid (in green) and to what public key it corresponds. It should also be easy for public key owners to publish the full Blake2b-512 hash of the key and to allow the user to compare whether the local public key got from them matches the hash they published.
The above is just making it "A dead simple tool to sign files and verify signatures." for the dumb users like me that see good potential in it but think it is too hard to use with command lines. There is a tool called "Xolido Sign Desktop" that is a good example of a simple GUI program, but with the advanced options that may be needed.
Future improvement suggestions:
More details on the above improvement suggestions...
1) Include a user-defined online folder (in the author's public key) where the program can go and check whether the hash of the file is present on the server under that name and, if yes, whether the file inside includes the hash signed by that same public key.
Say for example: CheckURL:https://minisign.example.tld/ If the file has the Blake2b-512 hash: ba2632f6a9d30c1c1db6ad417210cd7dc21143467025b1b99853e41a14e94b15 Then the tool would go online and try to retrieve the file with the same name at: https://minisign.example.tld/ba2632f6a9d30c1c1db6ad417210cd7dc21143467025b1b99853e41a14e94b15 and verify whether the file contains the hash signed by the same key.
For what? To make it harder for people that may steal the private key to sign files as being the other person without anyone else noticing anything. The program must know that if the public key contains that optional parameter then all the files can only be completely trusted if the program can also get the online verification file, otherwise it may be spoofed.
This should make hacking harder while not depending on any third parties other than the one that the author of the public key already trusts.
2) It would be nice to have some sort of "universal minisign online timestamp server" ("minisign online timestamp"). UTC time based.
The local program would send the file hash to the "universal minisign online timestamp server" and would get back the hash signed with the server's public key and the timestamp of the operation. Allow the use of other (multiple) services/ URLs. Other services/ URLs need their key to either be added manually by the user and/or to have the "minisign binary" updated to be trusted by default. Online timestamp source(s) need to be displayed on the verification window together with the time data (year-month-day-hour-minutes-seconds).
For what? To help identify the precise time when the file was created from the "third party source", someone else other than the same person that produced the file.
Completely optional, disabled by default, but visibly available for those for whom that can matter: song writers; song/ video publishers; software publishers; help prove someone has had that idea at that time, etc.
If you can't/ don't want to provide that online service I'm pretty sure a man in Spain that runs the service: https://www.freetsa.org will be more than happy to run that service on that server if it can be made in some format that he can adapt to the current server.
If something that can easily be added to any dedicated/ VPS/ shared hosting is available, like some Perl or PHP file with no special requirements other than putting the file there, I'm sure more online services can be made available. Maybe not the top notch trust, but hey, more offers is better than less in this case... and if it gets widely adopted as a kind of "standard", big companies, organizations of all kinds, and governments may also provide "trusted and audited solutions" like they already provide for other things.
The timestamp server should keep a log of the hashes received and when they were received, to allow anyone to go there and see if they are in the database, if they have doubts (say: public key technology may have been broken, or something). I saw one online web site claiming "Tamper-proof sequential validity chain ensures the integrity and credibility of the timestamp record" (http://truetimestamp.org); unfortunately, while the concept explained on the page seems very simple (http://truetimestamp.org/img/sequential_fingerprints.png), it has forgotten the access to the log database to be able to confirm the data... but it is something that you can have in mind when creating some sort of solution if you really want.
Since these services may be pressed by governments / hacked to falsify the logs, the program needs to be allowed to submit the same hash to several services (defined by the user) at the same time and then get all the answers that are valid and add them to the same signature file.
Some sort of GUI interface to validate if the online timestamp(s) service(s) is(are) still available would be nice, to prevent contacting offline/ no longer available services.
For the users that don't need this functionality there is no problem, since it is only used if they want it and use the proper options to get it.
But "we" can't trust anyone else argument... or "they" have to trust the public key owner about all the information provided.... except we are all the time trusting others in different degrees; this is one more way to allow that degree of trust about time information to be higher than just the self declaration, which can be more biased toward the person's own interests (several people having the same great idea may say they had that before the others... this helps them prove it beyond just their own words, from third parties that don't care about the issue, "neutral" in the matter). Not perfect, but good enough, and it can become better over time with more trustworthy institutions also supporting it (universities, banks, governments, not-for-profit organizations, for example).
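An added example, not part of the issue text and not Minisign or truetimestamp.org code: a hash-chained log of the kind the post asks a timestamp server to publish, showing what an auditor can and cannot detect when an operator is pressed to falsify it. The record layout, the `GENESIS` value and all function names are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 128  # assumed fingerprint preceding the first entry

def fingerprint(prev_fp, file_hash, utc):
    """BLAKE2b-512 over the previous fingerprint and this record's fields."""
    data = json.dumps([prev_fp, file_hash, utc]).encode()
    return hashlib.blake2b(data, digest_size=64).hexdigest()

def append(log, file_hash, utc):
    """Add a record that commits to every record before it; return its receipt."""
    prev = log[-1]["fp"] if log else GENESIS
    log.append({"hash": file_hash, "utc": utc, "fp": fingerprint(prev, file_hash, utc)})
    return len(log) - 1, log[-1]["fp"]  # (index, fingerprint) kept by the submitter

def audit(log, receipt=None):
    """Return 'ok', 'broken-chain' or 'receipt-mismatch' for a published log."""
    prev = GENESIS
    for e in log:
        if e["fp"] != fingerprint(prev, e["hash"], e["utc"]):
            return "broken-chain"
        prev = e["fp"]
    if receipt is not None:
        index, fp = receipt
        if index >= len(log) or log[index]["fp"] != fp:
            return "receipt-mismatch"
    return "ok"

def rechain(records):
    """A falsified log whose chain was recomputed after the records were edited."""
    log = []
    for file_hash, utc in records:
        append(log, file_hash, utc)
    return log

def demo():
    # Constructed sample: three submissions with made-up UTC times.
    hashes = [hashlib.blake2b(n).hexdigest() for n in (b"song", b"video", b"setup")]
    times = ["2019-01-05T10:00:00Z", "2019-01-05T10:00:07Z", "2019-01-05T10:01:30Z"]
    log = []
    receipts = [append(log, h, t) for h, t in zip(hashes, times)]
    edited = [dict(e) for e in log]
    edited[1]["utc"] = "2018-12-01T00:00:00Z"  # backdated in place
    rebuilt = rechain([(e["hash"], e["utc"]) for e in edited])  # chain redone too
    return (audit(log, receipts[2]), audit(edited),
            audit(rebuilt), audit(rebuilt, receipts[2]))
```

A log rebuilt from the edited records passes the chain check on its own; it fails only against a receipt issued before the edit, which is why the submitter has to keep the fingerprint it was given.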