@prologic@twtxt.net Re: Chat system, What if the base specification included a system for per-user arbitrary JSON storage on the server? Kind of like XEP-0049, but expanded upon. Two kinds of objects: public and private. Public objects can be queried by anyone, private objects cannot and must be encrypted with the user’s private key. Public keys could be stored there, as well as anything else defined by extensions. Roster, user block list, avatar, etc.
#5nagu7q
(#5nagu7q) Do you know protonmail, they use PGP for all the mail between the users of their own platform.
#osxisha
(#5nagu7q) Thanks @xuu@txt.sour.is I will.
I was also reading the cryptographic part of Scuttlebutt: https://ssbc.github.io/scuttlebutt-protocol-guide/
#6cprwba
(#5nagu7q) Reading Keybase.io as suggested by @xuu@txt.sour.is . Very good for now
#rxlv4bq
(#5nagu7q) But the real issue is that if you use an app it’s easy to store the private asymmetrical key and use it “locally” but through web …. Maybe somehow the site can load/ask it locally and store it in the browser cache and then use it in JavaScript to decrypt
#q3q2icq
(#5nagu7q) Here are my thought about the subject : https://git.mills.io/tkanos/encrption-twtxt-paper/wiki/Research
#tvqo3cq
(#5nagu7q) Thanks, Yes of course, I was just doing a global overview. Of the basis, to be able to build on it.
And I was not aware of that RFC. Will be reading it.
#ec7yprq
(#5nagu7q) Actually it’s good : RFC for Encrypted Feeds
#fclv5va
(#5nagu7q) What you did will be perfect for a one to one conversation.
But if I want to tell to everybody that I follow something encrypted. It won’t be possible.
#qp4y2va
(#5nagu7q) My bad, it will apparently be possible, I just don’t fully understand how, but keys can encrypt a message to multiple recipient.
echo -n "My secret 🤓" | keys encrypt -armor -sender gabriel@github \
-recipient kex1ts0qw8fwkvle2f2xsqumetmr9ev5ppx22rl5hnycen68sanjzl7qnta629 \
-recipient kex1ts0qw8fwkvle2f2xsqumetmr9ev5ppx22rl5hnycen68sanjzl7qnta627 > msg.enc
#r6xiaua