perfect 🐰 foreverAug 20, 2018
at least Pleroma tries to take what Mastodon implemented and try to make it secure (through capability URIs), but still, don't use this for anything critical, at least not right now.
Show threadperfect 🐰 foreverAug 20, 2018
E2E encryption in fediverse context is very difficult to achieve: one actor, many devices.

would need to send separate subenvelopes to do OMEMO. very messy.

maybe it will happen some day, but we have to fix AP security first through properly defining best practices (litepub) before it's even worth discussing that.

AP XEP-like extension model is another security nightmare.

I think it is likely that litepub and AP will wind up evolving differently, but there will always be some level of compatibility...
Show threadperfect 🐰 foreverAug 20, 2018
I think there is some fundamental security disconnects in both Mastodon's implementation of AP and the AP spec itself.

I also think that talking about cryptographic petnames and webs of trust instead of real tech we can use shows that AP is probably going in a bad direction from security POV.

it is unfortunate that we have bet the farm on AP, in some ways.
Show threadperfect 🐰 forever
Pleroma and other litepub implementations I believe highlight the best way to move forward on security with AP.

get the fundamentals right, then we can talk about petnames and content-addressable actors and so on.

nomadic identity is accomplishable without these things (activitypub#300).
Aug 20, 2018 at 6:47amWeb