I’m pleased to announce the immediate availability of a reference implementation for the Public Key Directory server. This software implements the Key Transparency specification I’ve be…
This looks interesting but it’s horrendously long and my eyes glazed over (need more coffee…). Is there a shorter description of what it does? I.e. what are the keys used for and how are they generated? What is it that’s getting encrypted? It sounds like it’s supposed to be E2EE for PMs. A two or three sentence description saying how the E2EE works and how the private keys are stored would be very helpful.
If you want E2EE for Mastodon, you need key management to be solved first.
This solves a lot of the key management pain. It’s not v1.0 stable yet, but it’s finally implemented. I’ve been working on the spec for nearly 2 years.
I’ll take a look when I get a chance, but like you said, it’s a public key directory. I thought you were claiming to have a solution to client side keys. Is there trouble with using some existing PK directory scheme?
No, if you read the post it will make more sense.
Or the specification if you’re more technical.
I’ll see if I can read the post but when I tried this morning, it was way too long. I’ll look at the specification. I’ve been involved in crypto implementation since forever, which is why this looked interesting. But I think the client side also has to be figured out, if it hasn’t been yet.
The client side is its own beast. See https://github.com/soatok/mastodon-e2ee-specification?tab=readme-ov-file#components from my initial project (the “key transparency” thing from today slots neatly into the “Federated PKI” hole).
Thanks. I’ll look and post comments later if you want them.
Certainly. Thanks <3
It’s a public key registry.
That’s unhelpful. How is it used? Thanks.
It doesn’t do any of the things you have asked about.
It’s a building block for a reasonably secure e2ee PM system.
Oh. Tbh that doesn’t sound very significant. LDAP might be enough by itself. Thanks.
If you are looking for more complex tools that don’t do the job, sure.
Honestly, just read the article, and some of the linked texts, before you continue talking. Or don’t. Just please don’t be a know-it-all who doesn’t need to read, it’s not very appealing.
I’ve read the article again and am still in a state of confusion. I’ll see if I can get through the spec. But there are a ton of unanswered questions that I think could have been cleared up concisely.
White text on a black background … I didn’t even try to read it.
So, dark mode? Nothing outrageous there.
There’s always reader / article view if you really can’t handle the colour scheme
There is also having the site adjust to match my browser’s theme.