
SECURITY: Encrypt payloads using target user's public key #4

@HenrikBengtsson

Wish

Encrypt messages and data streams that are meant for a single, specific user using the target user's public pico.sh SSH key.

Background

The pico.sh service supports querying the public keys of a specific user:

$ curl https://auth.pico.sh/pubkeys/alice

(This was added on 2026-01-22, cf. picosh/pico#199 (comment))

Tasks

  • Which key to use when a user has multiple public keys?
  • Should users announce their public keys in the message board as part of their posted messages?
    • only allow keys available on pico.sh
    • maybe a short digest hash code, which is sufficient to identify the key in case there are multiple?
  • Add a once-per-session key validation, i.e. verify that the selected public key works and then memoize the (user, public key) map
  • ...?
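
A sketch of the short-digest and memoization tasks above, added here as an example and not code from this project or from pico.sh: keys are identified by their OpenSSH-style SHA256 fingerprint, an announced digest prefix must match exactly one key, and the result is cached per session. It assumes the pubkeys endpoint returns authorized_keys-style lines (the page does not show the response format); all function names are hypothetical and the sample keys are constructed, and "validation" here means only a structural check of each key line.

```python
import base64
import hashlib
import struct

def fingerprint(blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint of a raw public key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_pubkeys(text: str) -> dict:
    """Map fingerprint -> 'type base64' for every well-formed key line."""
    keys = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        try:
            blob = base64.b64decode(parts[1], validate=True)
            (n,) = struct.unpack(">I", blob[:4])
        except (ValueError, struct.error):
            continue  # malformed line: never a candidate key
        if blob[4:4 + n] != parts[0].encode():
            continue  # declared key type must match the type inside the blob
        keys[fingerprint(blob)] = f"{parts[0]} {parts[1]}"
    return keys

def select_key(keys: dict, prefix: str, min_len: int = 8) -> str:
    """Return the single fingerprint whose digest starts with `prefix`."""
    if len(prefix) < min_len:
        raise ValueError("digest prefix too short")
    hits = [fp for fp in keys if fp[len("SHA256:"):].startswith(prefix)]
    if len(hits) != 1:  # zero or ambiguous: refuse rather than guess
        raise LookupError(f"{len(hits)} keys match prefix")
    return hits[0]

SESSION = {}  # user -> fingerprint, filled once per session

def resolve(user: str, prefix: str, fetch) -> str:
    """fetch(user) is caller-supplied and returns the pubkeys text."""
    if user not in SESSION:
        SESSION[user] = select_key(parse_pubkeys(fetch(user)), prefix)
    return SESSION[user]

def make_blob(seed: bytes) -> str:  # constructed sample keys, not real ones
    body = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + hashlib.sha256(seed).digest()
    return base64.b64encode(body).decode()

SAMPLE = (f"ssh-ed25519 {make_blob(b'laptop')} alice@laptop\n"
          f"ssh-ed25519 {make_blob(b'server')} alice@server\n"
          "ssh-ed25519 not-base64!! broken\n")
```

The prefix only picks among keys already fetched from pico.sh; a digest announced on the message board is not trusted on its own.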
