Adjusting #Enigmatick's previously built functions to align with the #ActivityPub #E2EE draft.

KeyPackage collection on the Actor object

Request
> curl -H "Accept: application/activity+json" https://enigmatick.social/user/jdt | jq '.keyPackages'

Response
"https://enigmatick.social/user/jdt/keys"

Retrieve the KeyPackage Collection

These are populated by the client (the browser using the wasm module loaded in the Svelte SPA). I had a different mechanism in place for managing this (using the instrument field on Activities) but am updating it to use the Add flow for the Collection as specified by the draft.

Request
> curl -H "Accept: application/activity+json" https://enigmatick.social/user/jdt/keys | jq

Response
{
  "@context": "https://www.w3.org/ns/activitystreams",
  "type": "Collection",
  "id": "https://enigmatick.social/user/jdt/keys",
  "totalItems": 39,
  "next": "https://enigmatick.social/user/jdt/keys?mkp=true"
}

Follow the next link to retrieve a KeyPackage

This will mark the KeyPackage as distributed and would typically link it to the Actor that signed the request (that's temporarily disabled for testing).

Request
> curl -H "Accept: application/activity+json" "https://enigmatick.social/user/jdt/keys?mkp=true" | jq

Response
{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    "https://purl.archive.org/socialweb/mls"
  ],
  "type": "Collection",
  "totalItems": 1,
  "items": [
    {
      "type": "KeyPackage",
      "id": "https://enigmatick.social/key-package/cfde7b54-8d08-41e9-8eb5-d997a12e9347",
      "attributedTo": "https://enigmatick.social/user/jdt",
      "to": [ "https://www.w3.org/ns/activitystreams#Public" ],
      "mediaType": "message/mls",
      "encoding": "base64",
      "content": "AAEAASCOWe7uxA8tPeI01nDP8ka2irEhgfkK2qM81/o+tEKPEiCz2h2Vv6VVuGSx/C0WINQCuazZm4rQAymxd1JdHGVvaSDurWzIE3z5eXUFz5coFGv9db7DxZDx0arb/gyRuidCAgABImh0dHBzOi8vZW5pZ21hdGljay5zb2NpYWwvdXNlci9qZHQCAAEIAAEAAgADAE0KAAEAAgADAAQABQwAAQACAAMABAAFAAcCAAEBAAAAAGeDNwsAAAAAZ/IDGwBAQJUffd/8/Efgt0ITBeMWfJYcb7S8E5U7yyUINiIUfqmsGwcvTyam6C+9F+k64NBEs0rXjGMjPA6AgiZ2oR4/1wwAQECliseeQfQb0zgq755ZiiujRqLkEWt8WOTJSsBXHK6hey6bNs4wet782NL8k92h1BNuPZDzxHaHXdXe1wgBO6QJ"
    }
  ]
}
-
-
If the private keys are stored on the instance, how is this any better than what we have now?
@rimu@piefed.social What makes you think it's a private key? (It's not.)
Here's some information with examples of how the keys are used and exchanged.
-
@rimu@piefed.social And no, the instance admin cannot decrypt the communications. The KeyPackage is a public key used to start an encrypted message exchange. But it cannot be used to decrypt any of the messages.
-
-
Ah I see, thanks 👍
@rimu@piefed.social No problem!
-
@silverpill@mitra.social it seems like a fair starting point to establish some common formats. There's clearly a lot of work still to be done.
There are some choices that seem questionable to me; the document seems to imply that KeyPackages as an attribute of the Actor objects can be retrieved without much control. I think that's problematic. They're only usable one time and they could easily be exhausted if distribution isn't controlled (they have to be replenished by the client and the client has to maintain all active packages in its key store).

I gate access behind a verified signature and record who is given which package at the server to establish some limits.