-Zephyr at MIT doesn't support* limiting who can sub to a zephyr class, so if you want to have reasonably private conversations, encrypting them is a good idea. `zcrypt` is the standard tool used for doing that.
+Zephyr at MIT doesn't support* limiting who can sub to a zephyr class, so if you want to have reasonably private conversations, encrypting them is a good idea. `zcrypt` is the standard tool for that.
`zcrypt` encrypts message bodies, but not the message metadata. In particular, instances are visible to anyone who receives a message (as are senders, times, zsigs, etc., though that's less-frequently an issue).
## Creating a `zcrypt`ed zephyr class
-The main requirement for a `zcrypt`ed zephyr class is to have a key and distribute it to all the users of the class. Typically, this is done by storing the key in AFS. You can set that up with:
+The main requirement for a `zcrypt`ed zephyr class is to distribute a key to all the intended users of the class. Typically, this is done by storing the key in AFS. You can set that up with:
mkdir -p ~/Public/zcrypt/label/ # Pick an arbitrary label for your class.
fs sa ~/Public/zcrypt/label/ system:anyuser none # Keep randoms from reading your key
sipb-www / wiki.git / blobdiff