emersion is a user on octodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
virtualice @CobaltVelvet

what if every toot had a qr-like cryptographic signature next to it, so you could even verify toots on screenshots shared somewhere else

virtualice @CobaltVelvet

what if we had a federated standard for that & signing arbitrary content & fetching keys for a domain and local key identifier

pretty sure that's already part of a PKCS...

Who owns the keys: instance, but an instance could technically let the client keep it for added security and just keep a public key index and confirm ownership of a pubkey for the domain.

emersion @emersion

@CobaltVelvet Keeping the private key client-side is an interesting idea. No need for Yet Another Protocol for that, the client just needs to send the signed Salmon when it posts/likes/follows.

· Web · 0 · 0
virtualice @CobaltVelvet

@emersion the whole second part was to make it work with other protocols. (emails, web forums, blogs or news articles, ...)

The signature would be sent with the toot, but the key ownership verification (common to all uses) would be another protocol.

octodon.social powered by Mastodon