End-to-end encrypted DMs through ActivityPub will be available in the next release #HolosSocial
3 media
Discussion
Loading...
@HolosSocial is there any server with registration enabled?
It would be cool if I could try it out.
I tried to use PGP over ActivityPub (tbh: over Mastodon) but quickly ran into the length limit. Even with very short content, PGP encrypted messages are always longer then 500 chars.
But it worked if I put the encrypted message into the ALT-Text of one or more images.
To have this native would be nice but hard to implement in browser apps I think.
@deusfigendi
That's why Holos uses Signal Protocol instead of PGP. We store the encrypted data in a custom ActivityPub field (signalCiphertext), not in the content field which has length limits. The content just shows a placeholder text. This avoids character limits while maintaining compatibility with existing servers.
@HolosSocial@mastodon.social @deusfigendi@troet.cafe Since the custom field will be useless if the recipient doesn't support it anyway, wouldn't it be better to just create a custom type, like SignalMessage or something, instead of an extension of Note?
@Varpie
You're right, a dedicated type would be cleaner. We started with a Note extension for immediate compatibility, but we're planning to propose an EncryptedNote type through a FEP. Both approaches can coexist during the transition period. ActivityPub is designed to evolve through community proposals, we should contribute to that evolution.
@deusfigendi
@HolosSocial What's a safety number?
@negative12dollarbill
An optional security feature that lets you verify you're talking to the right person. Most users don't need this, your conversations are automatically encrypted and secure.