-
PGPainless meets the Web-of-Trust
Path finding in a “Web-of-Trust” – Photo by Mads Schmidt Rasmussen on Unsplash We are very proud to announce the release of PGPainless-WOT, an implementation of the OpenPGP Web of Trust specification using PGPainless. Big thanks to Heiko for his valuable contributions and the great boost in motivation working together gave me 🙂 Also big thanks to NLnet for sponsoring this project in such a flexible way. Lastly,…
-
Creating an OpenPGP Web-of-Trust Implementation – Knitting a Net
A densely interconnected directed graph forming the Web-of-Trust. Photo by Ricardo Resende on Unsplash I imagine the Web-of-Trust as an old, half-rotten fishing net (bear with me); There are knobbly knots, which may or may not be connected to neighboring knots through yarn of different thickness. Some knots are well-connected with others, as ye olde fisherman did some repair work on the net, while other knots or even whole…
-
Use Any SOP Binary With SOP-Java and External-SOP
I just released another library named external-sop, which implements sop-java and allows the user to use any SOP CLI application of their choice from within their Java / Kotlin application!
-
Implementing Packet Sequence Validation using Pushdown Automata
In the previous blog post I discussed how a formal grammar can be transformed into a pushdown automaton in order to check if a sequence of packets or tokens is part of the language described by the grammar. In this post I will discuss how I implemented said automaton in Java in order to validate…
-
Using Pushdown Automata to verify Packet Sequences
As a software developer, most of my work day is spent working practically by coding and hacking away. Recently though I stumbled across an interesting problem which required another, more theoretical approach…
-
Creating a Web-of-Trust Implementation: Accessing Certificate Stores
A different type of certificate store. Photo by K Fraser on Unsplash I made progress towards a full WoT implementation. The current milestone entails integrating certificate stores more closely with the core API. More specifically, an implementation of the Shared PGP Certificate Directory.
-
Creating a Web-of-Trust Implementation: Certify Keys with PGPainless
Currently I am working on a Web-of-Trust implementation for the OpenPGP library PGPainless. Technically, the WoT consists of a graph where the nodes are OpenPGP keys (certificates) with User-IDs and the edges are signatures. In order to be able to create a WoT, users need to be able to sign other users certificates to create…
-
Reproducible Builds – Telling of a Debugging Story
I try to make PGPainless build reproducible. A few months ago I added some lines to the build script which were supposed to make the project reproducible by using static file modification dates, as well as a deterministic file order in the JAR archive. However, recently my JAR files started to contain mismatching bytes…
-
Europe Trip Journal – Entry 30: Thank You for Traveling with Deutsche Bahn
It is time to go home. This morning I woke up at 9:20 and decided to get some breakfast. Afterwards I returned to my room and was greeted by my room mate H. who told me that the cleaning personnel wanted to do their job and that checkout was supposed to be done at 10:00.…
-
Europe Trip Journal – Entry 29: Prepare for Reentry
Today I got up a bit earlier than yesterday, meaning I had to actually pay for breakfast again ;). Unfortunately the coffee was already running out, so I only got a single cup which had to do it. Milk was also empty, so no cereals this time. Well, there was yogurt as a worthy replacement.