(#r4msqlq) @prologic@twtxt.net I’m basically with @movq@www.uninformativ.de, but in contrast to him, I’m not looking forward to implement something like that. :-)

A feed URL is plenty good enough for me. Since I only fetch feeds that I explicity follow, there is some basic trust in those feeds already. Spoofing, impersonation and what not are no issues for me. If I were to find out otherwise, I just unsubscribe from the evil feed. Done.

To retrieve public feeds, I just rely on TLS. Most are served via HTTPS. If a feed is down, I’m not trying to fetch it from some other source, I just wait and try again later. So signed messages/feeds are not a use case I’m particularly benefitting from.

To me, it’s just not worth at all adding this crypto complexity on top.


#kfw3saa