- From: Sean O'Brien <sean.obrien@yale.edu>
- Date: Fri, 03 Mar 2023 23:58:48 +0000
- To: Marcus Rohrmoser <me+swicg@mro.name>, public-swicg@w3.org
- Message-ID: <1A241B89-B95B-4A90-BCE8-448956C843A9@yale.edu>
I don't wish to derail this conversation, but if you'd like to discuss in another thread I'm talking about proposals like this: files.de.adversary.org/crypto/ac/index.html Such an example would facilitate E2EE features for confidential messages in web applications implementing ActivityPub. I have pinged this list before about this and am happy to continue the conversation. I am not talking about any fediverse instance holding keys of its users. Cheers, - Sean -- Sean O'Brien Fellow, Information Society Project at Yale Law School Founder, Privacy Lab at Yale ISP, https://privacylab.yale.edu On March 3, 2023 11:50:02 PM UTC, Marcus Rohrmoser <me+swicg@mro.name> wrote: > >On 3 Mar 2023, at 23:45, Sean O'Brien wrote: > >> I am very interested in the role of confidentiality and encryption, and I know some work has been done by others in the community that extends ActivityPub in that direction (for ex. the use of PGP keys). I think it's vital to consider folding the appropriate components of these proposals into updated specs. > >I can't label it privacy if a 3rd party holds the key. > >I see few benefit ActivityPub brings beyond tls. > >However, huge dangers when confidential and public messages sit next to each other. > >Marcus >
Received on Friday, 3 March 2023 23:59:06 UTC