Gale is a distributed chat system, with both multi- and single-cast modalities. In many ways it is similar to the
cesspool system talked about within the SGO a few years back.
Now, at some point around here, some long-term Gale users will probably jump on me and accuse me of using the wrong terminology, but here we go…
The destination of any message is a list of addresses of the form category@domain; let's consider the simple case where it is a list with one item, firstname.lastname@example.org (which is my own gale address). The client then talks to the galed for yammer.net (which it finds using the DNS) and gets the public half of the key for that address (which the galed has at some point got from my client), which it uses to encrypt the message. It also signs the message with the private half of the originator's key.
Next it gives the message to the galed. At this point I have to start looking at things from the other side....
When I start my gale client (in this case called gsub) it has a list of addresses that it wants to listen to (specifically email@example.com, firstname.lastname@example.org and email@example.com — I'll return to the other two later). So, my client talks to the galeds on yammer.net and ofb.net and asks to listen to those addresses. At this point it has to do an authentication dance using my key to show that it's allowed to listen to them.
So, if any message to an address that I'm listening to arrives on a galed it sends it on to my client, which can then decrypt it as it has the appropriate private key, and verify the signature, because it can get the public key of the sender. If a message arrives and noöne is listening then it gets thrown away.
OK, back to the other two addresses there. These two are "public categories"; they don't have keys as such, so anyone can read them. Categories can also have a private key that is distributed manually, or one with a specified list of "allowed" people embedded within it (in which case the galed will allow the allowed people to get a copy of the key from it).
The other thing about addresses is that they can have additional sub-addresses made out of them. Thus I might instead send messages to firstname.lastname@example.org, which means that conversational threads can be easily separated.
This technology seems to work quite well. If your own galed is missing then you can still communicate and read puffs sent to public categories hosted on other galeds; but other people won't be able to verify the signature on your puffs (unless they happen to have a cached copy of your key).
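The flow described above (encrypt to the recipient's public half, sign with the sender's private half, discard puffs nobody is listening for, and lose signature verification when the sender's galed is missing and no key is cached) can be modelled in a few lines. This is an added example, not Gale's own code. It assumes toy textbook RSA in place of Gale's real cryptography, constructed addresses, and hypothetical names (`Galed`, `send`, `receive`); the authentication dance and public categories are left out.

```python
import hashlib

def make_key(p, q, e=65537):
    """Toy textbook RSA from two Mersenne primes: no padding, NOT secure."""
    return {"pub": (p * q, e), "priv": (p * q, pow(e, -1, (p - 1) * (q - 1)))}

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

class Galed:  # hypothetical model of one domain's galed: key directory + listeners
    def __init__(self):
        self.pubkeys, self.listeners, self.up = {}, {}, True
    def deliver(self, addr, puff):
        callbacks = self.listeners.get(addr, [])
        for cb in callbacks:
            cb(puff)
        return len(callbacks)  # 0: nobody listening, puff is thrown away

def send(text, sender, sender_key, rcpt, rcpt_galed):
    n, e = rcpt_galed.pubkeys[rcpt]  # recipient's public half, from their galed
    m = int.from_bytes(text.encode(), "big")
    assert m < n, "toy RSA: message must fit in one block"
    sn, sd = sender_key["priv"]
    sig = pow(digest(text.encode(), sn), sd, sn)  # sender's private half signs
    return rcpt_galed.deliver(rcpt, {"from": sender, "body": pow(m, e, n), "sig": sig})

def receive(puff, my_key, sender_galed, cache):
    n, d = my_key["priv"]
    m = pow(puff["body"], d, n)  # only the holder of the private half can read it
    text = m.to_bytes((m.bit_length() + 7) // 8, "big").decode()
    live = sender_galed.pubkeys.get(puff["from"]) if sender_galed.up else None
    pub = cache.get(puff["from"]) or live
    if pub is None:
        return text, "unverifiable"  # sender's galed missing and no cached key
    ok = pow(puff["sig"], pub[1], pub[0]) == digest(text.encode(), pub[0])
    return text, "verified" if ok else "bad signature"

def demo():
    alice, bob = make_key(2**61 - 1, 2**89 - 1), make_key(2**107 - 1, 2**127 - 1)
    a_galed, b_galed, inbox = Galed(), Galed(), []
    a_galed.pubkeys["alice@a.example"] = alice["pub"]  # constructed addresses
    b_galed.pubkeys["bob@b.example"] = bob["pub"]
    dropped = send("anyone?", "alice@a.example", alice, "bob@b.example", b_galed)
    b_galed.listeners["bob@b.example"] = [inbox.append]  # bob starts listening
    send("hello bob", "alice@a.example", alice, "bob@b.example", b_galed)
    online = receive(inbox[0], bob, a_galed, {})
    a_galed.up = False  # alice's galed goes missing
    offline = receive(inbox[0], bob, a_galed, {})
    cached = receive(inbox[0], bob, a_galed, {"alice@a.example": alice["pub"]})
    return dropped, online, offline, cached
```

Note that the recipient can still decrypt in the "unverifiable" case: confidentiality depends only on the recipient's key, while authenticity depends on being able to obtain the sender's.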
I use a command-line client, but there are GUI and full-screen text-mode clients, and a web-based one.
I have a screenshot of my galeing environment.
I'd suggest that interested people read more here, but lots of the interesting technology isn't documented. But read more anyway....