On Sun, 2010-07-11 at 11:21 +0900, B. Kip wrote:
> Still trying to understand this in detail:
>
> On Sat, Jul 10, 2010 at 9:46 PM, Blaine Cook <
address@hidden> wrote:
> On 10 July 2010 13:26, Ted Smith <
address@hidden> wrote:
> > It means that if your server (to be precise, your
> > core) is cracked, or subpoenaed by the MAFIAA/ACTA-Empowered
> Sharing
> > Police, it can give up no data that you haven't already
> decided is
> > public.
> >
> > I don't think that StatusNet GNU Social makes that
> guarantee, even when
> > it comes to private messaging. I would be very happy to be
> wrong.
>
>
> It doesn't, though servers are free to encrypt the data before
> and/or
> after it's sent. The same applies for email. Two thoughts:
>
> 1. I welcome experiments using P2P networks for social
> networks, but
> consider the human-level usability concerns. No matter what
> the
> underlying technology is, you need a human-level addressing
> system
> (the acid test for a good addressing scheme is the ability for
> one
> person to be able to write down on a scrap of paper an address
> at
> which someone else can contact them later). If you use
> webfinger (re:
> email-like addresses), you can maintain compatibility with
> mainline
> GNU Social, Status.net, Diaspora (i.e., OStatus), and Google
> Buzz
> while providing forwards-compatibility to stronger
> privacy-based
> networks*.
>
> From: GNU social - Privatemessaging - Open wiki - Gitorious
>
http://gitorious.org/social/pages/Privatemessaging:
> * If Bob hasn’t authenticated against Alice’s server,
> then Bob’s server goes through the Webfinger auth
> process, generating a shared secret. If he already
> has, he’ll already have such a secret.
> * Bob’s server uses the shared secret from the Webfinger
> auth process to retrieve Alice’s message.
> So, as I understand it, this shared secret is simply a way of ensuring
> that Bob is really Bob and Alice is really Alice, and that they know
> eachother, not a key that is used to encrypt messages between Alice
> and Bob- correct?