----- "Evan Prodromou" <[email protected]> wrote: | I sympathize with those people who say that everything should be out | in | the open. But I don't feel like it's my decision to make, for those | folks who do want to have control over who reads what they're doing.
By agreeing that your submissions are licensed under creative commons at registration time, aren't you effectively forfeiting any expectation of privacy anyway? Although any one federated, or internal and private, install doesn't necessarily have to require CC for user submissions. Certain privacy features may only make sense in non-federated servers. | The problem I have with privacy is implementation. First, there's the | problem of federation. If you post a private notice on my server, and | I | pass it to another server for a subscriber there, and that server on | purpose or by accident leaks your private notice (or uses it for | nefarious purposes), that's a real problem. To be fair, we accept | this | risk pretty normally in using email, but I'm still concerned about | it. Email is designed around delivery to one while OMB is concerned with broadcast to many. I agree, targeted broadcasting is prone to leakage. Although... just as email users can use public/private key crypto to ensure privacy and authenticity, there's no reason two OMB users couldn't do the same. They could do it manually right now. Encrypt the message with the recipient's public key, dent it publicly, then the recipient gets the message and decrypts with their private key. This could be implemented as part of laconica and is probably the only way to really guarantee privacy and authenticity. The user's local server could store the keys (I'm assuming the local server is trusted) and publish the users public key at a specific URL. Private keys could be autogenerated or uploaded. Um, that was a random tangent and complicates things beyond all belief. But I might just send a few messages back and forth to someone using pgp just for fun. | All of which is to say: not enough people seem to really want private | notices for me to my all my brainpower into making it happen. This | will | probably not be the case with groups; a lot of people seem to want | privacy there. Perhaps *local only groups* with privacy would be a functional compromise and sidestep all the federation issues for now. Ahoy, Jason _______________________________________________ Laconica-dev mailing list [email protected] http://mail.laconi.ca/mailman/listinfo/laconica-dev
