@Mike I programmed a addon that provides a Facebook-like chat using Jappix Mini. To make sure I did it right, I have some short questions concerning DFRN. When two users get friends, a key pair is generated (pubkey and prvkey). Are the following statements true?

- The pubkey is not actually public. Only one user knows it (and his friend could reconstruct it from prvkey).
- The DFRN protocol relies on this - if the pubkey would get published on the internet, this would be very bad.
This is one reason why DFRN needs to be phased out.

But yes to both statements. Each relationship gets a keypair, and these should not be exposed. However, if a key leaks it only compromises the one relationship attached to that key.

But in order to simplify relationships, we provide a "duplex" relationship where only one keypair is necessary to communicate.

In traditional (non-duplex) DFRN, each side of the relationship gets a symmetric key for their side of the conversation. That is, I would have a public key for one side of the conversation and the other person will have the private. He/she will have a complementary set of keys for his/her side of the conversation.

Also, along with the key is an id string which would also be necessary to compromise a relationship. However the ID string is sent in cleartext.