Wednesday, May 21, 2008

Privacy in .tel

I've explained a bit what .tel means as well as its technical underpinnings. In effect, you can store in your .tel all your personal contact information and update it in real time. You'll have solved the problem of how people contact you by simply giving them your .tel.
The problem of course is that you don't want anyone to have access to your mobile phone number. Privacy is an absolute necessity! This problem is solved in a simple and open manner by enabling contact data (the NAPTR records that I talked about earlier) to be encrypted inside your .tel.
The technical solution we've adopted is as simple as we can make it. It consists of providing a free friending service whose job is two-fold:
  1. upon signing up, it creates in the background a public/private key pair for you
  2. it stores the friending relationships between you and other people
A picture to describe the friending system:



So now you've got a public and a private key (all done seamlessly behind the scenes), and you can decide who to (or not) friend.
The final step is to decide who gets to see what contact info of yours. Say for example that Adam decides that Carla can see his mobile number. The system will grab Carla's public key and encrypt Adam's mobile number with it. It will then store it in a special subdomain in the DNS. When at some later point Carla retrieves Adam's info, she will be able to automatically decrypt his mobile number with her private key (which is only known to and accessible by her).
From an engineering point of view, this technique can be used by anyone and could bypass the "official" .tel friending system altogether. As long as your friend knows how to decrypt what you encrypt, all is well.
Our job at Telnic is not nor will ever be to lock people into a proprietary system. Quite the opposite, in fact. We are looking to develop proper rules to help grow an ecosystem that will simplify communications.

No comments: