|
Top-level
@neil I would personally have loved a fediverse in which *everything* is e2e encrypted. Maybe the next generation of federated protocol will work that way ^^ 11 comments
@neil I don't think open follow accounts like your have the threat model of trying to prevent randos from seeing your posts. To you it would mostly add enforced encryption at rest. For public/unlisted it would mostly add enforced encryption at rest, but follower-only posts can't be boosted. And it protects those against bad actor servers that e.g. index or publicize them.  I can see how it would work in the context of follower-only posts from restricted follow accounts. Absolutely. And, just in case, I didn’t mean to be dismissive of those who choose or need to engage in that way - not at all. In other, more public, contexts, I am less sure it would work at all! I believe that's exactly what Spritely/Goblin is trying to do with Ocaps (but I'm just lurking at their work, I don't really understand it).   > in which *everything* is e2e encrypted. You would have to exchange keys between every combination of author/reader, and probably per-device or even per-app. The computational impact and restrictions (no guests, for example) would trump the benefits. And at that scale, can you really trust everyone in the first place? E2EE makes sense for private conversations and small group chats. |
Gregory's Server
@dequbed
> I would personally have loved a fediverse in which *everything* is e2e encrypted.
I am interested in how you’d see that working:
- I presume it would mean eliminating “open follow” accounts (like mine), and requiring people to approve follow requests, as otherwise any adversary could follow and obtain access to (future) posts. But…
- if A posts something and B boosts it, C, who follows B but not A, could see it? Does e2ee add anything?