summaryrefslogtreecommitdiff
path: root/README.md
diff options
context:
space:
mode:
authorNico Schottelius <nico@nico-notebook.schottelius.org>2019-09-10 01:53:43 +0900
committerNico Schottelius <nico@nico-notebook.schottelius.org>2019-09-10 01:53:43 +0900
commit3b8e2bff869096edf9ab0dead1c61eeae26a3d4f (patch)
tree188bfc680c9d4ec2ca61c152b0d609b84e3478b0 /README.md
parent9cda2ce9b8d35ba02a56e7f61c9e2f009ed85b73 (diff)
Include friendchecker
Diffstat (limited to 'README.md')
-rw-r--r--README.md137
1 files changed, 137 insertions, 0 deletions
diff --git a/README.md b/README.md
index 39a7781..0cbcd48 100644
--- a/README.md
+++ b/README.md
@@ -10,3 +10,140 @@ know when they are online. Let's solve this problem once-and-for-all
in a decentralised, sustainable and future proof way.
## Here come's the real IPv6 friend
+
+Instead of using a single system or server, we use IPv6 to connect to
+our friends directly. Because each of our friends is reachable by IPv6
+if they are online (otherwise they would not be a real IPv6 friend),
+we can easily verify if they are online. To find out who is online,
+just connect to their computer!
+
+## How it works
+
+It's a bit geeky, but it works actually rather simple.
+To become a real IPv6 friend, you need to do the following things:
+
+- Generate a GPG key with a comment named RIF following the URL of
+ your computer
+- Ensure that the URL points to the IPv6 address of your computer
+- Setup a webserver on your computer
+- Export your key and all real IPv6 friend keys to your webserver as
+ "rifkeys.txt
+- For each of your friends, check whether they are online!
+
+### Example: Generating a key with the right comment
+
+In this example I choose to create an ECC based key that requires the
+export option in gpg:
+
+```
+[1:24] line:~% gpg --expert --full-gen-key
+gpg (GnuPG) 2.2.12; Copyright (C) 2018 Free Software Foundation, Inc.
+This is free software: you are free to change and redistribute it.
+There is NO WARRANTY, to the extent permitted by law.
+
+Please select what kind of key you want:
+ (1) RSA and RSA (default)
+ (2) DSA and Elgamal
+ (3) DSA (sign only)
+ (4) RSA (sign only)
+ (7) DSA (set your own capabilities)
+ (8) RSA (set your own capabilities)
+ (9) ECC and ECC
+ (10) ECC (sign only)
+ (11) ECC (set your own capabilities)
+ (13) Existing key
+Your selection? 9
+Please select which elliptic curve you want:
+ (1) Curve 25519
+ (3) NIST P-256
+ (4) NIST P-384
+ (5) NIST P-521
+ (6) Brainpool P-256
+ (7) Brainpool P-384
+ (8) Brainpool P-512
+ (9) secp256k1
+Your selection? 1
+Please specify how long the key should be valid.
+ 0 = key does not expire
+ <n> = key expires in n days
+ <n>w = key expires in n weeks
+ <n>m = key expires in n months
+ <n>y = key expires in n years
+Key is valid for? (0) 0
+Key does not expire at all
+Is this correct? (y/N) y
+
+GnuPG needs to construct a user ID to identify your key.
+
+Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? c
+Comment: RIF https://nico.ungleich.cloud
+You selected this USER-ID:
+ "Nico Schottelius (RIF https://nico.ungleich.cloud) <ipv6@nico.ungleich.cloud>"
+
+Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
+We need to generate a lot of random bytes. It is a good idea to perform
+some other action (type on the keyboard, move the mouse, utilize the
+disks) during the prime generation; this gives the random number
+generator a better chance to gain enough entropy.
+We need to generate a lot of random bytes. It is a good idea to perform
+some other action (type on the keyboard, move the mouse, utilize the
+disks) during the prime generation; this gives the random number
+generator a better chance to gain enough entropy.
+gpg: key 27541E11E73F288D marked as ultimately trusted
+gpg: directory '/home/nico/.gnupg/openpgp-revocs.d' created
+gpg: revocation certificate stored as '/home/nico/.gnupg/openpgp-revocs.d/B982A8BABC030C66DEF5984527541E11E73F288D.rev'
+public and secret key created and signed.
+
+pub ed25519 2019-09-09 [SC]
+ B982A8BABC030C66DEF5984527541E11E73F288D
+uid Nico Schottelius (RIF https://nico.ungleich.cloud) <ipv6@nico.ungleich.cloud>
+sub cv25519 2019-09-09 [E]
+
+
+```
+
+### Example: Setting up a webserver
+
+On a Debian/Devuan based distro:
+
+```
+apt install nginx
+sudo chown $(whoami) /var/www/html
+```
+
+
+### Exporting all keys
+
+To make yourself accessible and expose who your real IPv6 friends are.
+
+```
+gpg -a --export RIF > /var/www/html/rifkeys
+```
+
+### Example: List your friends
+
+```
+[1:40] line:~% gpg --list-keys --with-colons | grep RIF | awk -F: '{ print $10 }' | sed 's/\\x3a/:/'
+Nico Schottelius (RIF https://nico.ungleich.cloud) <ipv6@nico.ungleich.cloud>
+Nico Schottelius (myself) (RIF https://nico2.ungleich.cloud) <nico@nico.ungleich.cloud>
+```
+
+### Example: Checking which friends are online
+
+Use the included rif-checkfriends.sh script or iterate yourself over
+above output.
+
+```
+
+
+```
+
+
+## To be added
+
+- advanced usage -> ipv6 email
+
+### CLI ideas
+
+- **rif prepare**: check webserver, keyring, etc.
+- **rif online**: check who is online