Frédéric JacobsApr 5, 2017

Mastodon's federation introduces UX challenges.

One that worries me a lot is about message forgery. Anyone can forge a twoot, even cross-server.

Whereas Twitter Inc might be trustworthy enough to not forge transcripts. Anyone can run a Mastodon server and might want to abuse it to influence people (see Russian troll campaigns).

Should Mastodon "home servers" cryptographically sign updates? Should there be end-to-end signatures? Anyone has thoughts on this?

Show threadHallå Kitteh
@fj There are three ways a post can reach another server:

1. Good old Atom polling
2. PuSH
3. Salmon

In the case of (1), https guards against a MITM and with the connection secured, the idea is that server A trusts server B to represent its own content correctly.

In the case of (3) there is a signature involved.

In the case of (2), PuSH in general has an optional signature. I don't know if GNU Social and Mastodon insist on using that feature.

@lambadalambda , @moonman , @hannes2peer , @[email protected] , do you know?
Apr 5, 2017 at 4:06pmWeb
Show threadHallå KittehApr 5, 2017
What's going on on umeahackerspace's instance?