Adjusting #Enigmatick's previously built functions to align with the #ActivityPub #E2EE draft.
-
KeyPackage collection on the Actor object

Request

```
> curl -H "Accept: application/activity+json" https://enigmatick.social/user/jdt | jq '.keyPackages'
```

Response

```json
"https://enigmatick.social/user/jdt/keys"
```

Retrieve the KeyPackage Collection

These are populated by the client (the browser using the `wasm` module loaded in the Svelte SPA). I had a different mechanism in place for managing this (using the `instrument` field on Activities) but am updating it to use the `Add` flow for the Collection as specified by the draft.

Request

```
> curl -H "Accept: application/activity+json" https://enigmatick.social/user/jdt/keys | jq
```

Response

```json
{
  "@context": "https://www.w3.org/ns/activitystreams",
  "type": "Collection",
  "id": "https://enigmatick.social/user/jdt/keys",
  "totalItems": 39,
  "next": "https://enigmatick.social/user/jdt/keys?mkp=true"
}
```

Follow the `next` link to retrieve a KeyPackage

This will mark the `KeyPackage` as distributed and would typically link it to the Actor that signed the request (that's temporarily disabled for testing).

Request

```
> curl -H "Accept: application/activity+json" https://enigmatick.social/user/jdt/keys?mkp=true | jq
```

Response

```json
{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    "https://purl.archive.org/socialweb/mls"
  ],
  "type": "Collection",
  "totalItems": 1,
  "items": [
    {
      "type": "KeyPackage",
      "id": "https://enigmatick.social/key-package/cfde7b54-8d08-41e9-8eb5-d997a12e9347",
      "attributedTo": "https://enigmatick.social/user/jdt",
      "to": [
        "https://www.w3.org/ns/activitystreams#Public"
      ],
      "mediaType": "message/mls",
      "encoding": "base64",
      "content": "AAEAASCOWe7uxA8tPeI01nDP8ka2irEhgfkK2qM81/o+tEKPEiCz2h2Vv6VVuGSx/C0WINQCuazZm4rQAymxd1JdHGVvaSDurWzIE3z5eXUFz5coFGv9db7DxZDx0arb/gyRuidCAgABImh0dHBzOi8vZW5pZ21hdGljay5zb2NpYWwvdXNlci9qZHQCAAEIAAEAAgADAE0KAAEAAgADAAQABQwAAQACAAMABAAFAAcCAAEBAAAAAGeDNwsAAAAAZ/IDGwBAQJUffd/8/Efgt0ITBeMWfJYcb7S8E5U7yyUINiIUfqmsGwcvTyam6C+9F+k64NBEs0rXjGMjPA6AgiZ2oR4/1wwAQECliseeQfQb0zgq755ZiiujRqLkEWt8WOTJSsBXHK6hey6bNs4wet782NL8k92h1BNuPZDzxHaHXdXe1wgBO6QJ"
    }
  ]
}
```

-
If the private keys are stored on the instance, how is this any better than what we have now?
-
@rimu@piefed.social What makes you think it's a private key? (It's not.)
Here's some information with examples of how the keys are used and exchanged.
-
@rimu@piefed.social And no, the instance admin cannot decrypt the communications. The `KeyPackage` is a public key used to start an encrypted message exchange. But it cannot be used to decrypt any of the messages.
-
Ah I see, thanks 👍
-
@rimu@piefed.social No problem!
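
The `content` value from the first post's response, decoded field by field as an RFC 9420 KeyPackage, shows what the instance holds: three public keys (HPKE `init_key`, HPKE `encryption_key`, `signature_key`), the actor identity, capabilities, a validity window and two signatures. This is an added example, not code from Enigmatick or the draft; the function names are hypothetical, and it assumes the value is a bare TLS-serialized KeyPackage with a basic credential.

```python
import base64
import struct

# "content" of the KeyPackage in the first post's response, split for readability.
CONTENT_B64 = (
    "AAEAASCOWe7uxA8tPeI01nDP8ka2irEhgfkK2qM81/o+tEKPEiCz2h2Vv6VVuGSx/C0WINQCuazZm4rQAymxd1JdHGVvaSDurWzIE3z5eXUFz5coFGv9db7DxZDx0arb/gyRuidCAgABImh0"
    "dHBzOi8vZW5pZ21hdGljay5zb2NpYWwvdXNlci9qZHQC"
    "AAEIAAEAAgADAE0KAAEAAgADAAQABQwAAQACAAMABAAFAAcCAAEBAAAAAGeDNwsAAAAAZ/IDGwBA"
    "QJUffd/8/Efgt0ITBeMWfJYcb7S8E5U7yyUINiIUfqmsGwcvTyam6C+9F+k64NBEs0rXjGMjPA6AgiZ2oR4/1wwAQECliseeQfQb0zgq755ZiiujRqLkEWt8WOTJSsBXHK6hey6bNs4wet782NL8k92h1BNuPZDzxHaHXdXe1wgBO6QJ"
)

def read_varint(buf, pos):  # RFC 9420 length: top two bits select 1, 2 or 4 bytes
    size = 1 << (buf[pos] >> 6)
    if size == 8:
        raise ValueError("invalid length prefix")
    mask = (1 << (8 * size - 2)) - 1
    return int.from_bytes(buf[pos:pos + size], "big") & mask, pos + size

def read_vec(buf, pos):  # opaque<V>: length prefix, then that many bytes
    n, pos = read_varint(buf, pos)
    if pos + n > len(buf):
        raise ValueError("truncated vector")
    return buf[pos:pos + n], pos + n

def parse_key_package(b64):
    """Decode a bare TLS-serialized KeyPackage (assumed: basic credential)."""
    buf = base64.b64decode(b64, validate=True)
    kp = dict(zip(("version", "cipher_suite"), struct.unpack_from(">HH", buf, 0)))
    pos = 4
    for name in ("init_key", "encryption_key", "signature_key"):  # all public keys
        kp[name], pos = read_vec(buf, pos)
    if struct.unpack_from(">H", buf, pos)[0] != 1:
        raise ValueError("only the basic credential type is handled")
    identity, pos = read_vec(buf, pos + 2)
    kp["identity"] = identity.decode()
    for name in ("versions", "cipher_suites", "extensions", "proposals", "credentials"):
        raw, pos = read_vec(buf, pos)
        kp["cap_" + name] = [v for (v,) in struct.iter_unpack(">H", raw)]
    if buf[pos] != 1:
        raise ValueError("leaf_node_source is not key_package")
    kp["not_before"], kp["not_after"] = struct.unpack_from(">QQ", buf, pos + 1)
    pos += 17  # 1-byte leaf_node_source + two 8-byte lifetime timestamps
    for name in ("leaf_extensions", "leaf_signature", "extensions", "signature"):
        kp[name], pos = read_vec(buf, pos)
    kp["trailing_bytes"] = len(buf) - pos  # 0 when the structure is fully consumed
    return kp

if __name__ == "__main__":
    print(parse_key_package(CONTENT_B64))
```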