#social 2020-05-17

2020-05-17 UTC
sl007 joined the channel
# 06:52 
Gargron heluecht[m]: the main reason mastodon pulled back on using ld-signatures is that even if the post was already deleted at origin, passing an ld-signed object to an unknowing third party would create a copy of it, and this effect never expires
# 06:53 
Gargron there is a nonce mechanism you can use to prevent replay attacks by recording every nonce and making sure they're only processed once, but this does nothing for the above problem
# 06:53 
Gargron that being said, for E2EE, the client needs to sign one-time-keys, so we need *some* form of signature representation in json-ld
# 08:46 
xmpp-social [jack0404] hi