PSST User Stories
From Guardian Project Wiki
(Difference between revisions)
(→The Small Cabal: converted to bullet points to match the rest) |
(→Improv Movement organized via social networking) |
||
| Line 65: | Line 65: | ||
* TOFU/POP (Trust On First Use/Persistence of Pseudonym) | * TOFU/POP (Trust On First Use/Persistence of Pseudonym) | ||
| - | * OTR question/answer | + | * OTR question/answer, if they have shared context |
| - | + | * can share TOFU/POP status with others to build trust in keys | |
| - | + | ||
== Foreign Journalist, Diplomat, or Business Person == | == Foreign Journalist, Diplomat, or Business Person == | ||
Revision as of 23:06, 14 April 2012
Contents |
User Scenario Points
- for User Story Narratives based on these points, see []
The Small Cabal
- small group of people and meets up in person
- needs to communicate as securely and anonymously as possible
- all sign every other's key in person
- local-only, unpublishable signatures
- no one uploads their keys to any other server or device
- generate a revocation certificate and hook it up to their panic button app
- panic button broadcasts the revocation certificate to a pre-determined list of people
Diffuse Activist Organization
- working in a country that aggressively tracks communications
- many people meet in person at various places around the country
- some people also travel to regional and national meet-ups
- very few participants meet everyone in the organization
- the central forum for the whole group is on the internet
- lots of big group discussions and announcements
- each person has a key, they post it to the PGP keyservers
- they generate a revocation certificate
- they do not post any signatures to the key servers
- whenever they meet another person that they trust, they sign each others' keys and swap all signature data using direct p2p communication
- they establish the first step of trust via OTR question/answer
- they can then check whether they have PGP trust path to each others' keys
- when they hit the panic button the post the revocation certificate to the keyserver
- each client automatically checks the public keyservers regularly for revocations
Multinational Org
- many people work in countries where the government does not aggressively monitor communications
- a handful of people work in high risk environments from time to time
- there are also local contacts in aggressively monitored countries working with the org
- local operatives use only private signatures
- the public figures want to have a public trust profile
- they use the public PGP infrastructure
- they publicly share all public signatures
- private signatures are in lsign format, so they cannot be shared
- all signatures are always sent to the key owner via email
- signer can mark the signature as private or public
- a private signature uses an "lsign" which cannot be exported to the keyservers
- the key owner can then decide how to manage the signatures
- privately import the signature to their keyring, where it will be stored in an unpublishable format
- publicly import the signature into their keyring and sync it via the public PGP servers
Improv Movement organized via social networking
- loosely or barely connected groups of people
- want to avoid active keyword, etc filtering
- relatively open and public infrastructure
- frequently infiltrated in certain pockets
- TOFU/POP (Trust On First Use/Persistence of Pseudonym)
- OTR question/answer, if they have shared context
- can share TOFU/POP status with others to build trust in keys
Foreign Journalist, Diplomat, or Business Person
- clear outsider status
- want to keep private communications private in the face of government monitoring
- has strong links to institutions outside of the country in case of trouble
- needs standard crypto tools made easy to use
