Topic: Introducing Keyhotee - Next Generation Identity, DNS, Messaging, and Wallet (Read 4009 times)

Amazing.How's going?

The new Keyhotee alpha release 0.5.6 is available here: http://invictus.io/bin/keyhotee_0.5.6.zip
Linux release to follow tomorrow, assuming no major problem reports.

This version fixes the "send to wrong contact" bug introduced in 0.5.5 that was causing emails to be lost, plus many other smaller bug fixes.

One change you'll note if you create a new profile is that there's less info requested on profile creation. There's also a mail server icon that reports the status of your connection to the mail server (it's beside the bitshares "plug" that currently reports "disconnected" for alpha testers unless you're running a special build). 

There's a new feature for selecting a contact from your contact list and emailing it to other users for import into their contact list (new contact is sent as an attachment that can be selected for import by recipient). In another day or so, this will be updated to send multiple contacts. There's also an authorization feature that will ultimately be used for a couple of things (sharing transaction keys for increased privacy transactions, direct connect IM, etc), but this feature doesn't yet do much on the surface.

Now that the hectic support activity from Keyhotee founder ids has settled down, I've been diving into the existing code for keyhotee ID mining. Getting that operational is the next major task for me. I have a rough idea of what needs to be done, but I'm still mapping out the details before I make major changes.

I suggest you implement SQRL ASAP. It's better than a password by far and it's simple. Please avoid using passwords.

http://www.techrepublic.com/blog/it-security/sqrl-a-new-method-of-authentication-with-qr-codes/
https://www.grc.com/sqrl/sqrl.htm

If you missed the C3 conference and our presentation about Keyhotee, you may want to checkout this video where I explain how Keyhotee will change the way we do business on the internet and put an end to NSA spying and identity theft.  

http://www.youtube.com/watch?v=3pZaTdEtK-8

Topics Covered:

Keyhotee ID       -  Email and Website Login
DomainShares    - Domain Names and Certificate Authorities
Keyhotee Mail     - secure email, chat, VOIP, etc
Keyhotee Wallet  - Secure, multi-currency wallet without need for using Bitcoin addresses.  

Feedback appreciated.

On your phone, a SQRL app would contain a secret 256-bit blob of data. This would be your randomly generated secret code, which is never divulged to anybody else. The QR code itself would contain a URL, including the domain name of the site you're trying to connect to. When you scan the code, your app would create a public and private key pair from your master key and the domain name of the site, using an HMAC hashing function. Then, the app would communicate with the site directly, sending the public key as your identity (the equivalent of a username), and the encrypted QR code as your authentication (the equivalent of a password). Since your master code, the secret blob of data, never changes, the resulting public key wouldn't change either. That means the website would know it's you. And by encrypting the QR code of the site with your private key, the site can verify that you indeed possess the matching private key, without actually having it, thanks to the beauty of public key cryptography.