Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://fedicy.us.to/cy/p/1731880388.256434">cy (cy@fedicy.us.to)'s status on Monday, 18-Nov-2024 07:08:53 JST</a><a href="https://fedicy.us.to/cy" title="cy@fedicy.us.to"><img src="https://gnusocial.jp/avatar/230622-48-20241026112041.webp" width="48" height="48" alt="cy" style="position: absolute; left: 0; top: 0;">cy</a><div><a href="https://hub.netzgemeinde.eu/item/a7dbbcf8-92df-4280-b292-1fdbc648008c" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/96193" title="jupiter_rowland@hub.netzgemeinde.eu">Jupiter Rowland</a></li></ul></div></section><article>Nomadic identity is also broken. Never share your private key. It's the most important, fundamental rule of public key cryptography.<br><br>That being said, it'd be neat if we could get our Fediverse clients to keep a secret private key that you never share, and sign posts before sending them to the instance. Google/Mozilla have been fighting to lock people out from doing that for decades, but it is possible I guess.<br><br>I did see some proposals on that once, let's see...<br><br><a href="https://w3c.github.io/vc-data-integrity/">https://w3c.github.io/vc-data-integrity/</a><br><br>Good luck writing a client (likely in a browser) capable of doing that, but that would enable nomadic identities. Or maybe you already did, and I'm just woefully uninformed?<br><br>CC: @Mike Macgirvin@fediversity.site <a href="https://mitra.social/users/silverpill">@silverpill@mitra.social</a><br></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4018774#notice-7853247">In conversation</a><time datetime="2024-11-18T07:08:53+09:00" title="Monday, 18-Nov-2024 07:08:53 JST">about 4 days ago</time> <span>from <span><a href="https://fedicy.us.to/cy/p/1731880388.256434" rel="external" title="Sent from fedicy.us.to via ActivityPub">fedicy.us.to</a></span></span><a href="https://fedicy.us.to/cy/p/1731880388.256434">permalink</a><h4>Attachments</h4><ol><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://w3c.github.io/vc-data-integrity/">Verifiable Credential Data Integrity 1.0</a></h5><div></div></header><div></div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
cy (cy@fedicy.us.to)'s status on Monday, 18-Nov-2024 07:08:53 JSTcy
in reply to
- silverpill
- Jupiter Rowland
Nomadic identity is also broken. Never share your private key. It's the most important, fundamental rule of public key cryptography.

That being said, it'd be neat if we could get our Fediverse clients to keep a secret private key that you never share, and sign posts before sending them to the instance. Google/Mozilla have been fighting to lock people out from doing that for decades, but it is possible I guess.

I did see some proposals on that once, let's see...

https://w3c.github.io/vc-data-integrity/

Good luck writing a client (likely in a browser) capable of doing that, but that would enable nomadic identities. Or maybe you already did, and I'm just woefully uninformed?

CC: @Mike Macgirvin@fediversity.site @silverpill@mitra.social
In conversationabout 4 days ago from fedicy.us.topermalink
Attachments
1. No result found on File_thumbnail lookup.
  Verifiable Credential Data Integrity 1.0

Public

Embed Notice

HTML Code

Corresponding Notice