Have you seen this news?

@hiker

Yes. While it’s possible to have encrypted “public” discussions, it makes no sense to me and I don’t know why anyone would do that.

This is exclusively for real private messages (not just “direct” messages)

@benpate

>But this is exactly how I’m doing it in Emissary. Domain owners can choose if they want to support E2EE on their server, and for which groups of users.

Tidy, cheers.

Also, we’ve chatted with @soatok abiut this project. They recommended a different management structure, using separate network of key authentication servers.

That’s not off the table, but is more than we can manage right not. It could be another way for us to validate keys in the future.

@bluewinds @GroupNebula563 @soatok

@earth_walker @benpate
Yes.
The very first thing that occurred to me reading this was: "Hmm. Adding E2EE without first implementing the long requested tools to make it less easy to harass people is going to potentially make moderation more challenging and Mastodon more unsafe than it is."

I would love for that to happen. As soon as I can make a public beta server, you’re all welcome to come and break my code. I’ll pass out treats.

@GroupNebula563 @soatok

@Quantillion

1. “I left Instagram, so this is how you contact me now…”

2. FB paid a billion dollars for WhatsApp. They wouldn’t do that if they couldn’t use it to profile you. Even if the messages are encrypted.

3. E2EE is being removed from Instagram in a few weeks. Besides, Instagram is creepy and addictive. You can still trade pics on the Fediverse, so…

@benpate @bluewinds @GroupNebula563 I think you're confused.

The public keys that are rotated frequently are encryption public keys.

The thing I've proposed are for identity public keys.

Using your identity secret key to sign each encryption public key, and having your recipient verify them, is basically a one-liner:

https://github.com/swicg/activitypub-e2ee/issues/35#issuecomment-3738855995

@andypiper @benpate there's no mention (yet?) of this in the ticket (that @benpate opened) at https://github.com/mastodon/mastodon/issues/33984

@benpate Ok. I don't know how this idea will join the the ActivityPub protocol - or with other words: How all the other platforms in the Fediverse can handle this feature.

@adamhotep @benpate thanks for the pointer! We should fix that and link it to the PRs mentioned in Trunk & Tidbits this month…

@jaz @earth_walker

I'm certainly not a lawyer or expert on this, and I'm sure it varies between legal jurisdictions... but I thought that US law has (some?) liability protections for "common carriers" who pass data but are unable to read it.

Your ISP isn't liable for stuff you download over a secure HTTPS/SSL connection. In theory, the same *should* apply here. But still, someone may try to test it in court.

@hiker

It's fully backwards compatible. If you don't support encrypted messages, you can still send/receive regular ones.

Here's a *very* short version:

Your device makes two encryption keys: one is public and one is private

The private key never leaves your device

The public key is published in your ActivityPub profile

If I want to send you a message, I check your profile to see if you've published encryption keys.

Have keys? send encrypted messages
No keys? send plaintext messages

Thank you, and yes. Syncing key packages to a public server might get tedious for everyone.

BTW: We had a video conference today, and you came up (along with the issue you linked)

We were running out of time (because W3C meetings) but want to keep open the possibility of implementing this in the future.

We're meeting again in two weeks. Wanna come?

@soatok @bluewinds @GroupNebula563

@benpate

US law is certainly one jurisdiction, one which routinely compels the sharing of metadata of E2EE users and their conversations, and one which is trying very hard to remove a number of protections currently enjoyed by US-based service providers through legislation such as KOSA and EARN-IT.

Also, social media companies are not common carriers. That's a very different thing (like ISPs, telcos, and railroads.)

Also...

https://umap.openstreetmap.fr/en/map/fediverse-near-me_828094#3/25.799891/29.794922

@benpate

sadly i'm not qualified to audit cryptogrpahic function enforcing code

but I do recall RSA being open source and being promoted by NIST and the US gov

whilst having known vulnerabilities

https://grahamcluley.com/nsa-bribe-rsa-encryption/

https://www.cnet.com/news/privacy/security-firm-rsa-took-millions-from-nsa-report/

@jaz @benpate this an excellent point, and something I learned in my brief time running a Matrix server as part of vmst.io -- it's nearly impossible to moderate what you can't see.

@rapsneezy2 Yup. And, most vulnerabilities have nothing to do with the encryption, but all of the architecture around it that leaks, injects, or lets adversaries circumvent your encryption.

I'm gonna share this image *so many times* today

At the end of the day, I don't think we're building something to keep out the NSA or the Mossad. I think we're thwarting nosy admins, data harvesters, and the same. And that's a good step forward.

Use Signal to do illegal stuff.

@benpate

To be clear, I am very happy E2EE services, patio installers, porn services, and banana peel recyclers exist.

I simply do not want to operate one of these businesses.

@jaz I can only say "yes" so many times before I dig up the Meg Ryan gif.

Do you want me to dig up the Meg Ryan gif?

@jaz @benpate thanks for bringing this up, Jaz. I think one way to consider this is that people like me, Ben, Bonfire, and Mastodon can provide this technology, and communities and individuals will make decisions about how and when they use it.