Notices by Soatok Dreamseeker (soatok@furry.engineer), page 2

@tael @bascule I'm confident Tony knows this lol

@ariarhythmic I've written about this before lol

@sophieschmieg And I insist on them accounting for ML-DSA-87, because CNSA 2.0 :P

@stefenauris You gotta warm the audience up for a joke before you serve a sick burn

@jalefkowit Let's just call it Mozilla Smokelung

@stefenauris Sometimes the content warnings are actually content warmings

@o76923 Interesting perspective. So would you consider bluesky a sort of containment zone for folks that cannot escape the habits instilled by recommendation systems?

Yeah, Fedi has its problems.

But at least most folks are good about using the CW feature most of the time.

The cool thing about bsky being down practically all day is I didn't have to accidentally observe completely untagged content for other people's kinks that squick me, which (due to not being tragged) bypasses my muted word list.

So who's to say if it's good or bad?

@kirtai @pq1r idk, I like IPv6 shrug

No cap... this is actually pretty smart and how IPv6 should have been designed in the first place

Perfectly compatible with the old IPv4 space

@orsinov @theorangetheme No, I don't think they are

lol no https://www.ietf.org/archive/id/draft-thain-ipv8-00.html

@benpate @bluewinds @GroupNebula563 Sure! My signal is soatok.45 if you'd like to coordinate

I guess I should get back to work on that damn key management blog post after all.

@benpate @bluewinds @GroupNebula563 I think you're confused.

The public keys that are rotated frequently are encryption public keys.

The thing I've proposed are for identity public keys.

Using your identity secret key to sign each encryption public key, and having your recipient verify them, is basically a one-liner:

https://github.com/swicg/activitypub-e2ee/issues/35#issuecomment-3738855995

@23n27 That's a threat model- and use case-specific corner case, not the general case.

@chrisvest Algorithm agility will be achieved by "versioned protocols".

The protocol versions will allow only one cryptography algorithm per version.

The implementation details here are whether v1 should remain ed25519 (since this isn't deployed anywhere yet) or mldsa44.

I expect v2 (circa 2030?) will use one of these: https://csrc.nist.gov/projects/pqc-dig-sig/round-2-additional-signatures

@ex_06 There's a trade-off between bandwidth and security and I think 44 is the right parameter set for my purposes.

87 is for CNSA 2.0, but I don't listen to the NSA.

@dequbed I'm excited for SQISign (or whatever future iteration of it survives NIST)