what if every toot had a qr-like cryptographic signature next to it, so you could even verify toots on screenshots shared somewhere else
what if we had a federated standard for that & signing arbitrary content & fetching keys for a domain and local key identifier
pretty sure that's already part of a PKCS...
Who owns the keys: instance, but an instance could technically let the client keep it for added security and just keep a public key index and confirm ownership of a pubkey for the domain.
@CobaltVelvet
The ideal would probably be that each of us own his key and share information between us giving key transparently.
It's so shame. I think myself, is it a paranoid behaviour, isnt it ?
@Max_PAURON not really, that's how keys work best. But keeping them on the instance also has its uses, the best is to let users choose.
