Important progress has been made regarding bringing MLS end-to-end encryption to the ActivityPub protocol, with developers already building implementations and providing feedback to a future version of the protocol spec.
Important progress has been made regarding bringing MLS end-to-end encryption to the ActivityPub protocol, with developers already building implementations and providing feedback to a future version of the protocol spec.
You and me both.
But after pondering the orbs for a minute I think they’re saying, that it’s just Emissary trying to get E2EE working and not Fediverse as a whole.
And they follow with some objection with the proposed draft. I can only comment on the 3rd one, it basically mean you need other channel of communication to manually compare fingerprint (i.e via Matrix/Signal) to make sure your activities on Emissary is actually encrypted, maybe lol.
but wouldn’t you also need to verify the matrix/signal contact? both of them gives you the option to verify the other, but its very rarely used by people. so, you need either an already verified secure channel, or meeting on the street.
but then again we don’t actually know each other. so if we meet, how would you know it’s actually me, and not someone impersonating me?
Well, yeah the assumption here is that we both already knew and trust each other IRL and you personally give me this contact info and the check is there to make sure I was actually connected to you.
We as layman didn’t do this but I would assumed someone who is a high profile target actually do this kinds of checks.