2/

RE: https://mastodon.social/@reiver/115945290105913697

The resolving of a Fediverse ID to one or more cryptographic public-keys could happen via the activity-file for the user.

A JSON-LD namespace (separate from ActivityPub) could put the cryptographic public-keys into the activity-file.

But, I think we would need more information than what the 2 current methods for including cryptographic public-keys currently support.

#ActivityPub #Cryptography #FediDev #FediDevs #Fediverse #JSONLD

1/

RE: https://mastodon.social/@reiver/115945290105913697

Right now, Fediverse IDs resolve to HTTPS URLs.
For example, the Fediverse ID:

＠reiver＠mastodon.social

Resolves to HTTPS URL:

https;//mastodon·social/users/reiver

...

If we wanted cryptographic public-keys to serve as a basis of Identity on the Fediverse, then —

We would (similarly) also need a Fediverse ID to resolve to one or more cryptographic public-keys

...

#ActivityPub #Cryptography #FediDev #FediDevs #Fediverse #JSONLD

🚀 Protect your data against harvest-now-decrypt-later attacks with PSQ!

We’ve built a lightweight, hybrid post-quantum protocol that injects HNDL security directly into your existing protocols. The easiest way to start your post-quantum transition today without rewriting your entire stack. 🛡️⚛️

Read the full announcement: https://cryspen.com/post/psq-announce/

#PostQuantum #Cryptography #Infosec #RustLang #HNDL

Cryptographic public-keys are one way that one can have an identity (on the Fediverse, and elsewhere) while also having privacy — through a pseudonymous identity.

Yes, we have Fediverse IDs such as:

＠joeblow＠example.com

But a (non-delegated) public-key can function as a PORTABLE form of identity on the Fediverse.

#ActivityPub #Cryptography #Fedidev #Fedidevs #Fediverse #JSONLD

Cryptographic public-keys are one way that one can have an identity (on the Fediverse, and elsewhere) while also having privacy — through a pseudonymous identity.

Yes, we have Fediverse IDs such as:

＠joeblow＠example.com

But a (non-delegated) public-key can function as a PORTABLE form of identity on the Fediverse.

#ActivityPub #Cryptography #Fedidev #Fedidevs #Fediverse #JSONLD

3/

All that requires that a Fediverse user can have multiple public-keys specified for them.

...

Although https://w3id.org/security/v1 seems to allow for multiple public-keys —

I wonder how much Fediverse software could actually handle multiple public-keys (rather than just one)?

(And, don't just assume one public-key?)

How mucg Fediverse software could handle public-keys changing over time?

Etc?

#ActivityPub #Cryptography #Fedidev #Fedidevs #Fediverse #JSONLD

2/

To handle public-key cryptography safely, often a user should be able to have multiple public-keys.

For example, a user might have a different public-key on each device, rather than sharing public-keys.

A user might delegate to a 3rd party — and there may be a delegated versus non-delegated public-key distinction.

Key-rotation is also often necessary for safety reasons.

Etc.

...

#ActivityPub #Cryptography #Fedidev #Fedidevs #Fediverse #JSONLD

1/

One way ActivityPub can be extended is — through JSON-LD namespaces.

For example, many Fediverse servers use the following JSON-LD namespace to specify cryptographic public-key(s) for the user.

https://w3id.org/security/v1

(This particular namespace is an HTTPS URL.)

...

But, does extant Fediverse software support cryptographic public-key(s) well?

...

#ActivityPub #Cryptography #Fedidev #Fedidevs #Fediverse #JSONLD

3/

All that requires that a Fediverse user can have multiple public-keys specified for them.

...

Although https://w3id.org/security/v1 seems to allow for multiple public-keys —

I wonder how much Fediverse software could actually handle multiple public-keys (rather than just one)?

(And, don't just assume one public-key?)

How mucg Fediverse software could handle public-keys changing over time?

Etc?

#ActivityPub #Cryptography #Fedidev #Fedidevs #Fediverse #JSONLD

2/

To handle public-key cryptography safely, often a user should be able to have multiple public-keys.

For example, a user might have a different public-key on each device, rather than sharing public-keys.

A user might delegate to a 3rd party — and there may be a delegated versus non-delegated public-key distinction.

Key-rotation is also often necessary for safety reasons.

Etc.

...

#ActivityPub #Cryptography #Fedidev #Fedidevs #Fediverse #JSONLD

1/

One way ActivityPub can be extended is — through JSON-LD namespaces.

For example, many Fediverse servers use the following JSON-LD namespace to specify cryptographic public-key(s) for the user.

https://w3id.org/security/v1

(This particular namespace is an HTTPS URL.)

...

But, does extant Fediverse software support cryptographic public-key(s) well?

...

#ActivityPub #Cryptography #Fedidev #Fedidevs #Fediverse #JSONLD

🚀 We’re growing! Cryspen is hiring.

Are you passionate about high-assurance software or cutting-edge cryptography? We are looking for talented individuals to join our team and help us build the next generation of secure-by-design systems.

🔹 Compiler and Verification Tools Engineer
🔹 Cryptography Engineer

Join us in our mission to make the digital world more secure.

👉 Apply here: https://join.com/companies/cryspen

#Hiring #Cryptography #FormalVerification #SoftwareEngineering #TechJobs

🚀 We’re growing! Cryspen is hiring.

Are you passionate about high-assurance software or cutting-edge cryptography? We are looking for talented individuals to join our team and help us build the next generation of secure-by-design systems.

🔹 Compiler and Verification Tools Engineer
🔹 Cryptography Engineer

Join us in our mission to make the digital world more secure.

👉 Apply here: https://join.com/companies/cryspen

#Hiring #Cryptography #FormalVerification #SoftwareEngineering #TechJobs

Feminist Linux Meetups Vienna

4.2. Text wrangling with Vim
4.3. LaTeX hangout
1.4. Alternative input sources for computing
6.5. Intro to Cryptography
3.6. Soldering Workshop

https://feminist-linux.diebin.at/category/termine/

#vienna #wien #linux #floss #latex #soldering #vim #crypto #cryptography #flintA #austria #meetup #meetings #feminism #feminist

Feminist Linux Meetups Vienna

4.2. Text wrangling with Vim
4.3. LaTeX hangout
1.4. Alternative input sources for computing
6.5. Intro to Cryptography
3.6. Soldering Workshop

https://feminist-linux.diebin.at/category/termine/

#vienna #wien #linux #floss #latex #soldering #vim #crypto #cryptography #flintA #austria #meetup #meetings #feminism #feminist

This is a must-read.

https://cryptography.io/en/latest/statements/state-of-openssl/

#python #cryptography #crypto #openssl #opensource

Don't fear the TPM
https://lwn.net/Articles/1032026/

#TPM #cryptography

Yearly update on my verifiable brute force strength gist.

- Bitcoin mining is still just shy of exhausting 95 bits annually.
- Distributed.net's RC5-72 project is still just shy of exhausting 65 bits annually.

We're still 10+ billion years out for completely exhausting every possible key in a 128-bit key space with the current Bitcoin mining power.

https://gist.github.com/atoponce/a7715930ae6eb7d6b487f2f76b57a68d

#crypto #cryptography

We found cryptography bugs in the elliptic library using Wycheproof

https://blog.trailofbits.com/2025/11/18/we-found-cryptography-bugs-in-the-elliptic-library-using-wycheproof/

#HackerNews #cryptography #bugs #elliptic #library #Wycheproof #cybersecurity #TrailofBits