Yabasta 1.0 Alpha 3 Released

11/04/2012 Uncategorized

The prototyping continues this week with a JavaScript Off-the-Record-like implementation that enables Yabasta identities (a DSA key pair), authenticated key exchanges, identity verifications (using the Socialist Millionaire protocol), and end-to-end message encryption.

A Yabasta identity is automatically generated upon visiting the site, and can be verified (authenticated) using three different methods: Asking a question to the contact, verifying a shared secret, or simply verifying the fingerprint of the (public key of the) contact.

Three icons are used to represented the security status of contacts:  (incompatible client or key exchange error), (key properly exchanged, but the identity is not verified; conversations will be end-to-end encrypted), and (the identity of the contact is verified).

You can see the prototype in action at Yabasta.com.

This release is the fifth and last of the series of week-long sprints that I have been working on full time since the end of September. The development of Yabasta will continue, but will do so at a slower pace since I will have to attend to other matters as well.

Looking forward, the Yabasta code is going to be reviewed, cleaned-up, partly rewritten, and have some final minor features added before the project will enter beta. So stay tuned!

PS. If anyone reading this is attending FSCONS in Gothenburg next week, I’m going to be talking about Yabasta on Sunday at 16:15. DS.

, , , , ,

3 Comments

Join the conversation → Add yours