Egregoros

@phnt @benpate

> E2EE
> Fediverse

Complete and utter bullshit. Explain how they manage private keys. Not gonna happen. Their document skips this step and only discusses how to discover public keys. They're waiting until the last minute to solve this piece because it's the hardest part. How can you securely distribute them across every browser/session and app that people use to access Mastodon etc? If they were gonna copy Matrix's SSSS they'd have mentioned it.

https://github.com/swicg/activitypub-e2ee/blob/main/architectural-variations.md

@feld @benpate I wonder what Soatok thinks of this after trying for years to wedge E2EE into ActivityPub. But ultimately, they went the easy route and chose MLS and AP as a dumb transport protocol.

They probably won't bother with proper key management and instead make it device-to-device, or copy the way OMEMO does it. Maybe with only publishing a new public key being possible by approving it from a device with an already published key.

I don't think any of this matters anyway as the whole concept is kinda useless when you already have 10+ secure messaging apps at your disposal.

Replies

@phnt @benpate good question. I think the reality will be more like

- flawed implementation, terrible rollout

- Mastodon and maybe Pixelfed support it (seems like something dansup would jump on)

- all the logic has to be in the client (or frontend)

Alright. Now we've got an app store with a ton of shady-looking fedi clients (we're that popular, guys).

How long before any of those are modified to exfiltrate your keys? How long before the first incel server admin who wants to spy on some female account backdoors the FE to steal their keys next time they log in?

As soon as one of those events happens, now trust is gone. So Mastodon has to restrict access to this feature to the official Mastodon app and the official Mastodon servers.

UHOH SPAGHETTI-O

@silverpill @feld @benpate Because the way Matrix does it is kinda flawed and makes inserting malicious devices easy-ish. OMEMO is the second extreme they can go to.

This ActivityPub becoming a kitchen sink protocol is getting really weird. First it was trying to make C2S usable and now E2EE barely anybody asked for. When are we going to get emoji reactions standardized?