Content warning: The prospect of making the Fediverse more secure is an ongoing topic, with a number of developers, privacy advocates, and user communities weighing in on how to do it. On Tuesday evening, ActivityPub spec co-author Evan Prodromou announced that he and Tom
The prospect of making the Fediverse more secure is an ongoing topic, with a number of developers, privacy advocates, and user communities weighing in on how to do it. On Tuesday evening, ActivityPub spec co-author Evan Prodromou announced that he and Tom Coates have received a grant to develop end-to-end encryption (E2EE) for the protocol.
Very happy to announce that @tomcoates and I have been given a #SummerOfProtocols grant to develop an end-to-end encryption (E2EE) protocol for #ActivityPub DMs, including a reference implementation and a report to submit to the W3C SocialCG.
In his proposal, Evan calls out that while ActivityPub is encrypted in transit, there is no standard way of keeping it encrypted at rest. While this isn’t a problem for public-facing posts, this is a non-starter for a lot of users when it comes to DMs and will certainly be a welcome addition. Any social web platform could implement E2EE for themselves, but a standardized format will enable users of different Fediverse services to DM each other through the lens of the social platform of their choice.
At this point, E2EE DMs in the Social Web aren’t a question of “if” , but “when”. This is still early stages of this proposal, Sup is still in development, and there’s more research to be done – but, the ability for Fediverse platforms to support encrypted private messages holds immense promise for making the network more secure.
Daniel Supernault, creator of Pixelfed, announced recently that he's working on a new messaging app called Sup. Details are sparse for the moment, as it's a new initiative under Pixelfed's umbrella. S