Frédéric JacobsApr 5, 2017

Mastodon's federation introduces UX challenges.

One that worries me a lot is about message forgery. Anyone can forge a twoot, even cross-server.

Whereas Twitter Inc might be trustworthy enough to not forge transcripts. Anyone can run a Mastodon server and might want to abuse it to influence people (see Russian troll campaigns).

Should Mastodon "home servers" cryptographically sign updates? Should there be end-to-end signatures? Anyone has thoughts on this?

Show thread[MOVED] Christopher WebberApr 13, 2017

@fj Verifying messages is important / critical in a federated network. In ActivityPub it's required to technically conform to the standard, though how you do it is somewhat looser; eg if you "share" a message, and that message is embedded and comes from a different origin, the most minimalist approach is to check the source and make sure it matches.

But signatures are better... [... contd ...]

Show thread[MOVED] Christopher WebberApr 13, 2017

@fj The "right" way to do it is definitely to sign messages as you pass them along the network. We include a section for this using Linked Data Signatures and HTTP Signatures https://www.w3.org/TR/activitypub/#authorization-lds

Unfortunately, it's non-normative. The specs need more use and "proof in implementation" before they can become the de-facto way. It would have been way better to make it the definitive way to do it (but at least a method is presented)

Show threadMike Gerwitz
@cwebber earlier this week I was wishing there was a way to re-use our web of trust (PGP) on the web (https://social.mikegerwitz.com/conversation/46693). I'll have to read into ActivityPub a bit (and its reference implementations), but has that type of thing come up in discussions?
Apr 14, 2017 at 6:06amWeb
Show thread[MOVED] Christopher WebberApr 14, 2017

@mikegerwitz I'm not sure about PGP's web of trust stuff specifically, but one sekret aspect of the Verifiable Claims work is it might allow a federated network to *turn into* a web of trust, without the usual WoT user experience issues.

(I haven't thought about how to integrate with existing PGP WoT tho)

I see you're also talking about the concern of "delegating" key trust to a server... that's a whole topic itself...

Show thread[MOVED] Christopher WebberApr 14, 2017
Btw @mikegerwitz you might appreciate this article, "An even more distributed ActivityPub" http://dustycloud.org/blog/an-even-more-distributed-activitypub/
Show thread[MOVED] Christopher WebberApr 14, 2017

@mikegerwitz One more thing along "even more distributed": it *should* be possible to use ActivityPub on a more peer to peer / distributed system than HTTP. Luckily URIs can have different schemas... so you could handle a different network layer there. The one thing you'll still need is HTTP GET/POST to comply w/ AP.

The fastest route to thinking about what that might look like is to think about using Tor .onion addresses; but there are better examples possible.

Show thread[MOVED] Christopher WebberApr 14, 2017
@mikegerwitz It's out of scope for current work of the SocialWG, but maybe something that will be explored in the follow-up Community Group. Focusing on making the web we have be better federated is the current goal obviously... but we can do even better, with surprisingly few changes and I believe backwards compatible changes. (But maybe not forwards compatible, as in nodes that don't understand the p2p uri schemas might not know what's going on).
Show threadBob MottramApr 14, 2017
@cwebber @mikegerwitz ZeroNet already has pretty good blogging and socnet. I wonder if ActivityPub could be useful in that kind of system.
Show thread[MOVED] Christopher WebberApr 14, 2017
@bob @mikegerwitz I don't know anything about ZeroNet but it looks cool.