Colin Cogle :verified:<p><span class="h-card" translate="no"><a href="https://gaygeek.social/@vlpatton" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>vlpatton</span></a></span> The classic method is a key signing party. Get a bunch of people in the same room with legal photo identification and their fingerprints, and go around the room checking everyone else’s ID. Then, go home and sign everyone’s keys. Send the signed key to the key owner. Import signed keys and collect signatures!</p><p>Key servers sharing signatures haven’t been a thing since the attacks years ago. Any modern keyserver will strip the signatures, so you’ll have to distribute your key with signatures some other way (WKD, DNS, a file on your web site, etc.).</p><p>CAcert will do PGP key endorsements if you get enough assurances on their platform. Everyone with a signed key has had two forms of ID checked by two people. However, their infrastructure can only work on old-school RSA keys right now (they’re working on modernizing).</p><p><a href="https://mastodon.colincogle.name/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a> <a href="https://mastodon.colincogle.name/tags/GnuPG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GnuPG</span></a> <a href="https://mastodon.colincogle.name/tags/CAcert" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CAcert</span></a> <a href="https://mastodon.colincogle.name/tags/KeySigningParty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KeySigningParty</span></a> <a href="https://mastodon.colincogle.name/tags/cryptoparty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cryptoparty</span></a> <a href="https://mastodon.colincogle.name/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebOfTrust</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
hachyderm.io is one of the many independent Mastodon servers you can use to participate in the fediverse.
Hachyderm is a safe space, LGBTQIA+ and BLM, primarily comprised of tech industry professionals world wide. Note that many non-user account types have restrictions - please see our About page.
Administered by:
Server stats:
9.7Kactive users
hachyderm.io: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.5
#weboftrust
2 posts · 2 participants · 0 posts today
Ayzee 🏳️⚧️<p>how does one perhaps acquire signatures for their PGP key? I'm wanting to build a web of trust, but I'm unsure if there's anyone I know personally (and especially in-person) who would be able to sign my keys...</p><p>fwiw, I use my keys to sign Git commits, mostly.</p><p><a href="https://gaygeek.social/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a> <a href="https://gaygeek.social/tags/Encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Encryption</span></a> <a href="https://gaygeek.social/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebOfTrust</span></a> <a href="https://gaygeek.social/tags/GnuPG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GnuPG</span></a></p>
CarK :python:<p><span class="h-card" translate="no"><a href="https://bonn.social/@Sascha" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Sascha</span></a></span> </p><p>Ein ähnliches Beispiel ist das Recht auf Anonymität: Wichtig um Missstände aufzudecken ("Whistle-Blowing"), wird aber oft für Hetze und Desinformation benutzt.</p><p>→ Es braucht mittelfristig ein kluges Management von Vertrauen im Internet.</p><p>Das <a href="https://social.tchncs.de/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebOfTrust</span></a> [1] hat das Problem im Bereich <a href="https://social.tchncs.de/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a>-basierter E-Mail-Authentizität eigentlich schon gelöst. Sowas ähnliches bräuchte es (zeitgemäß umgesetzt) für allgemeine Informationen.</p><p>[1] <a href="https://de.wikipedia.org/wiki/Web_of_Trust" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">de.wikipedia.org/wiki/Web_of_T</span><span class="invisible">rust</span></a></p>
jack 💥<p>I decree that <a href="https://mastodon.online/tags/mozilla" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mozilla</span></a> should create a <a href="https://mastodon.online/tags/weboftrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>weboftrust</span></a> mechanism. Kinda of like what keybase used to be. As way to very identity others so you can safety chat, share, exchange, etc. </p><p>In a world of bullshit ID (Azure, Google, Amazon, Apple, Etc) having an ID that wasn't tied to a billionaire corp, g-men, or government name it would be a valued service. Offer a premium version that makes it supercharged. place it behind firefox ID.</p><p>xoxo</p><p><a href="https://mastodon.online/tags/brainstorm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>brainstorm</span></a> <a href="https://mastodon.online/tags/firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>firefox</span></a></p>
Benedikt Ritter (he/him)<p>The keybase.io proof for my domain just broke because I recreated my website. Does anybody still use keybase.io? It felt like it was a great idea in the beginning but then introduced crypto currencies which felt shady to me.</p><p><a href="https://chaos.social/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebOfTrust</span></a> <a href="https://chaos.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://chaos.social/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a> <a href="https://chaos.social/tags/keybase_io" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keybase_io</span></a></p>
Hugo Trentesaux<p><strong>Toile de confiance animée #6</strong></p>
<p><a href="https://tube.p2p.legal/videos/watch/56295b07-2cae-4d3e-8d81-e4f4f4317a67" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tube.p2p.legal/videos/watch/56</span><span class="invisible">295b07-2cae-4d3e-8d81-e4f4f4317a67</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@shaknais" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>shaknais</span></a></span> No, <a href="https://infosec.space/tags/VoLTE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoLTE</span></a> - like any <a href="https://infosec.space/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tech</span></a> - <em>can't and won't</em> solve <a href="https://mastodon.social/@shaknais/113241205903082429" rel="nofollow noopener noreferrer" target="_blank">issues</a> caused by <em><a href="https://infosec.space/tags/humans" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>humans</span></a> being <a href="https://infosec.space/tags/malicious" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malicious</span></a> and/or <a href="https://infosec.space/tags/corrupt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>corrupt</span></a></em>, espechally since it's a <a href="https://infosec.space/tags/blackbox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blackbox</span></a> that the user can't even <em>verify a checksum or fingerprint</em> of.</p><ul><li><p>Whereas with <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a> one can use <a href="https://infosec.space/tags/DueDiligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DueDiligence</span></a>, <a href="https://infosec.space/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> & <a href="https://infosec.space/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebOfTrust</span></a> independently from each other to verify things!</p></li><li><p>You're goalposting, so the entire conversation is just a waste of time and traffic for me.</p></li></ul><p><a href="https://infosec.space/tags/thxbye" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>thxbye</span></a> <a href="https://infosec.space/tags/EOD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EOD</span></a></p>
Rowan the Selfsame<p>If you know me, you know I am an Invisible Internet Project [<a href="https://c.im/tags/I2P" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>I2P</span></a> & <span class="h-card" translate="no"><a href="https://mastodon.social/@i2p" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>i2p</span></a></span>] enthusiast. (See the <a href="https://geti2p.net/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/</span><span class="invisible"></span></a> <a href="https://c.im/tags/homepage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>homepage</span></a>.) I2P is similar to Tor, but differs in that _every_ client instance of the I2P software, while connected to the Internet, _participates in routing traffic_ around Internet blockages.</p><p>I just read <a href="https://www.diva.exchange/en/privacy/i2p-interview-with-the-developer-idk-part-2/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">diva.exchange/en/privacy/i2p-i</span><span class="invisible">nterview-with-the-developer-idk-part-2/</span></a> and came across a link to a <a href="https://c.im/tags/SoftwareLibrary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SoftwareLibrary</span></a> for the "SAM API" of I2P. In the past, I had thought the SAM <a href="https://c.im/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> cumbersome and clunky (perhaps this was due to the format of the documentation).</p><p>The <a href="https://www.diva.exchange/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">diva.exchange/</span><span class="invisible"></span></a> team have created a <a href="https://c.im/tags/Typescript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Typescript</span></a> wrapper for the I2P SAM API. It seems that Diva Exchange uses <a href="https://c.im/tags/I2PD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>I2PD</span></a> (the <a href="https://c.im/tags/CPlusPlus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CPlusPlus</span></a> variety of the available I2P applications) rather than the reference <a href="https://c.im/tags/Java" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Java</span></a> implementation.</p><p>**If you are affiliated with diva.exchange/, please reach out to the editors to include back-links to the I2P Homepage and <a href="https://c.im/tags/SourceCode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SourceCode</span></a> repositories & documentation!** Even if the links are subtle and get overlooked by casual readers (attentive readers will cite the links additionally), the publicity gained by linking to the relevant I2P pages _should_ help the I2P to climb the ranks of search engine results. Mutual aid is a social duty — even on the Internet!</p><p>----</p><p>The I2P SAM library that excites me: <a href="https://github.com/diva-exchange/i2p-sam" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/diva-exchange/i2p-s</span><span class="invisible">am</span></a> (Note: this library _is not listed_ in the table of libraries on the I2P SAM documentation page.)<br>The I2P SAM canonical documentation: <a href="https://geti2p.net/en/docs/api/samv3" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/docs/api/samv3</span><span class="invisible"></span></a></p><p>----</p><p>If you would like to play with I2P, here are the links to download the software:</p><p>- <a href="https://geti2p.net/en/download#windows" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#windows</span><span class="invisible"></span></a><br>- <a href="https://geti2p.net/en/download#mac" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#mac</span><span class="invisible"></span></a><br>- <a href="https://geti2p.net/en/download#unix" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#unix</span><span class="invisible"></span></a><br>- <a href="https://geti2p.net/en/download#deb" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#deb</span><span class="invisible"></span></a><br>- <a href="https://geti2p.net/en/download#android" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#android</span><span class="invisible"></span></a><br>- <a href="https://geti2p.net/en/download#source" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/download#source</span><span class="invisible"></span></a></p><p>----</p><p>Here are a few other links of interest, relating to I2P:</p><p>- "Bitcoin core adds support for I2P!" at <a href="https://geti2p.net/en/blog/post/2021/09/18/i2p-bitcoin" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">geti2p.net/en/blog/post/2021/0</span><span class="invisible">9/18/i2p-bitcoin</span></a>, posted 2021-09-18 by idk. **Blurb**: "A new use case and a signal of growing acceptance.". [<a href="https://c.im/tags/BTC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BTC</span></a> <a href="https://c.im/tags/Bitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bitcoin</span></a> <a href="https://c.im/tags/BitcoinCore" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BitcoinCore</span></a> <a href="https://c.im/tags/Proxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Proxy</span></a>]<br>- "Help your Friends Join I2P by Sharing Reseed Bundles" at <a href="https://geti2p.net/en/blog/post/2020/06/07/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">geti2p.net/en/blog/post/2020/0</span><span class="invisible">6/07/</span></a>, , posted 2020-06-07 by idk. **Blurb**: file-based-reseed "Create, exchange, and use reseed bundles". [<a href="https://c.im/tags/NetworkHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetworkHub</span></a> <a href="https://c.im/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebOfTrust</span></a>]<br>- "Gitlab over I2P Setup" at <a href="https://geti2p.net/en/blog/post/2020/03/16/gitlab-over-i2p/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">geti2p.net/en/blog/post/2020/0</span><span class="invisible">3/16/gitlab-over-i2p/</span></a>, posted 2020-03-16 by idk. **Blurb**: "Mirror I2P Git repositories and Bridge Clearnet repositories for others." [<a href="https://c.im/tags/Git" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Git</span></a> <a href="https://c.im/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a>]<br>- "Blizzard (I2P Router Plugin)" at <a href="https://i2p-pt.github.io/blizzard/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">i2p-pt.github.io/blizzard/</span><span class="invisible"></span></a>, whose **blurb** is: "blizzard, I2P Plugin for Donating a Snowflake.", and "Plugins — I2P" at <a href="https://geti2p.net/en/docs/plugins" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">geti2p.net/en/docs/plugins</span><span class="invisible"></span></a>:<br> > Blizzard is a standalone version of the Tor Project’s Snowflake proxy. It can be used to produce an I2P Plugin that will donate a Snowflake to Tor Browser users. The Snowflake uses I2P to manage its lifecycle. That means when you start and stop your I2P router you start and stop the Snowflake.<br>- "I2P — Wikipedia § Software" at <a href="https://en.wikipedia.org/wiki/I2P#Software" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">en.wikipedia.org/wiki/I2P#Soft</span><span class="invisible">ware</span></a>.</p>
Ubuntu Korea Community<p><a href="https://mastodon.social/tags/UbuCon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UbuCon</span></a> <a href="https://mastodon.social/tags/Korea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Korea</span></a> 2024, 어느덧 한 달도 남지 않았는데요. 올해도 작년에 이어 <a href="https://mastodon.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> 키사이닝 파티가 프로그램의 일부로 진행 될 예정입니다. 서로의 신원 확인과 상호 OpenPGP 키 서명을 통해 <a href="https://mastodon.social/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebOfTrust</span></a> 도 구축하고, 다른 참가자와 네트워킹도 쉽게 시작해 볼 수 있습니다. OpenPGP 키사이닝 파티는 사전 <a href="https://mastodon.social/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a> 키 제출 등 준비가 조금 필요한데요, 올해는 조금 더 쉽게 준비할 수 있도록 개선이 되었으니 올해도 많은 참여 부탁드리겠습니다!</p><p>참여 방법 안내 및 OpenPGP키 제출 <a href="https://github.com/ubuntu-kr/ksp-toolkits/blob/master/ksp/ksp-20240810/readme.md" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/ubuntu-kr/ksp-toolk</span><span class="invisible">its/blob/master/ksp/ksp-20240810/readme.md</span></a></p><p>UbuCon Korea 2024 참가등록 <a href="https://2024.ubuntu-kr.org" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">2024.ubuntu-kr.org</span><span class="invisible"></span></a></p>
🧿🪬🍄🌈🎮💻🚲🥓🎃💀🏴🛻🇺🇸<p>> In Coracle, this number is equal to how many people you follow that also follow a given person, minus pow(2, log(n)), where n is how many people you follow who have muted this person. </p><p><a href="https://coracle.social/help/web-of-trust" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">coracle.social/help/web-of-tru</span><span class="invisible">st</span></a></p><p><a href="https://mastodon.social/tags/nostr" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nostr</span></a> <a href="https://mastodon.social/tags/webOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webOfTrust</span></a> <a href="https://mastodon.social/tags/trust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>trust</span></a> <a href="https://mastodon.social/tags/socialMedia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>socialMedia</span></a> <a href="https://mastodon.social/tags/coracle" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>coracle</span></a></p>
CAcert<p><span class="h-card" translate="no"><a href="https://mstdn.social/@resmo" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>resmo</span></a></span> <br>Do you know the Web of Trust from <a href="https://mastodon.social/tags/CAcert" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CAcert</span></a>.org?<br>At the moment, we have very few applications that are based on this. There could easily be more ;-)<br>If you have an idea: welcome!</p><p>(We also have a few more ideas, but our resources are rather scarce and we can't work on more than one at a time. We want to present something new at Froscon this summer).</p><p><a href="https://mastodon.social/tags/weboftrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>weboftrust</span></a> <a href="https://mastodon.social/tags/cacert" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cacert</span></a> <a href="https://mastodon.social/tags/wot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wot</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a></p>
René Moser (resmo) レネ<p>Looking at the <a href="https://mstdn.social/tags/xz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>xz</span></a> drama and how to solve it: </p><p>a working "web of trust" kind a thing (like <a href="https://mstdn.social/tags/GnuPG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GnuPG</span></a> was trying to provide in the past but failed somehow) is more than needed. </p><p>We need to re-establish a web of trust. A working one. A easy to use one. A well integrated one.</p><p><a href="https://mstdn.social/tags/webOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webOfTrust</span></a></p>
Francesco P Lovergine :debian:<p>Ok, let's talk about the elephant in the room. Why is a totally anonymous contribution to any significant <a href="https://floss.social/tags/FOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FOSS</span></a> program still admitted in 2024? IMHO, this idea should be eradicated. In <a href="https://floss.social/tags/Debian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Debian</span></a>, we have used a <a href="https://floss.social/tags/weboftrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>weboftrust</span></a> for more than 20 years. It is not perfect, but that would probably have mitigated/avoided the <a href="https://floss.social/tags/xz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>xz</span></a> fiasco, and today, we could probably have a subject to prosecute. Instead, today, we have exactly none but for an avatar.</p>
tunda<p>Stimmt das wirklich, dass der Keyserserver keys.openpgp.org sämtliche bisherigen Signaturen unter dem publickkey wegschneidet?</p><p><a href="https://layer8.space/tags/CLT2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CLT2024</span></a> <a href="https://layer8.space/tags/WebofTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebofTrust</span></a></p>
David Runge<p>Another set of sshd-openpgp-auth and ssh-openpgp-auth releases is out:<br>This server and client-side tooling for managing the <a href="https://chaos.social/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> of <a href="https://chaos.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a> host keys with the help of an <a href="https://chaos.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> <a href="https://chaos.social/tags/certificate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>certificate</span></a> as trust anchor is now feature complete.<br><a href="https://crates.io/crates/sshd-openpgp-auth" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">crates.io/crates/sshd-openpgp-</span><span class="invisible">auth</span></a><br><a href="https://crates.io/crates/ssh-openpgp-auth" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">crates.io/crates/ssh-openpgp-a</span><span class="invisible">uth</span></a><br>Many thanks to <span class="h-card" translate="no"><a href="https://metacode.biz/@wiktor" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>wiktor</span></a></span> for the great collaboration and <a href="https://chaos.social/tags/NLnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NLnet</span></a> / <a href="https://chaos.social/tags/NGIAssure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NGIAssure</span></a> for funding this work!<br><a href="https://chaos.social/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> <a href="https://chaos.social/tags/KeyOxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KeyOxide</span></a> <a href="https://chaos.social/tags/KnownHosts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KnownHosts</span></a> <a href="https://chaos.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> <a href="https://chaos.social/tags/PGPKI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGPKI</span></a> <a href="https://chaos.social/tags/Rust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rust</span></a> <a href="https://chaos.social/tags/Rustlang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rustlang</span></a> <a href="https://chaos.social/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://chaos.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a> <a href="https://chaos.social/tags/WebKeyDirectory" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebKeyDirectory</span></a> <a href="https://chaos.social/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebOfTrust</span></a> <a href="https://chaos.social/tags/WKD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WKD</span></a> <a href="https://chaos.social/tags/WoT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WoT</span></a></p>
wakest ⁂<p><span class="h-card" translate="no"><a href="https://swecyb.com/@nopatience" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nopatience</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@jerry" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>jerry</span></a></span> <span class="h-card" translate="no"><a href="https://ioc.exchange/@seb" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>seb</span></a></span> <a href="https://social.wake.st/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebOfTrust</span></a> is the only way forward</p>
David Runge<p>We have just issued the first <a href="https://chaos.social/tags/release" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>release</span></a> of <a href="https://chaos.social/tags/sshd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sshd</span></a>-openpgp-auth and <a href="https://chaos.social/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a>-openpgp-auth.</p><p>Using this server and client-side tooling it is possible to manage the <a href="https://chaos.social/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> of <a href="https://chaos.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a> host keys with the help of an <a href="https://chaos.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a> certificate as trust anchor.</p><p><a href="https://crates.io/crates/sshd-openpgp-auth" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">crates.io/crates/sshd-openpgp-</span><span class="invisible">auth</span></a></p><p><a href="https://crates.io/crates/ssh-openpgp-auth" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">crates.io/crates/ssh-openpgp-a</span><span class="invisible">uth</span></a></p><p>Many thanks to <span class="h-card" translate="no"><a href="https://metacode.biz/@wiktor" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>wiktor</span></a></span> for the great collaboration and <a href="https://chaos.social/tags/NLnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NLnet</span></a> / <a href="https://chaos.social/tags/NGIAssure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NGIAssure</span></a> for funding this work!</p><p><a href="https://chaos.social/tags/DNS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DNS</span></a> <a href="https://chaos.social/tags/KeyOxide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KeyOxide</span></a> <a href="https://chaos.social/tags/KnownHosts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KnownHosts</span></a> <a href="https://chaos.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> <a href="https://chaos.social/tags/Rustlang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rustlang</span></a> <a href="https://chaos.social/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://chaos.social/tags/WebKeyDirectory" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebKeyDirectory</span></a> <a href="https://chaos.social/tags/WebOfTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebOfTrust</span></a> <a href="https://chaos.social/tags/WKD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WKD</span></a> <a href="https://chaos.social/tags/WoT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WoT</span></a></p>
David Sterry<p>Thinking about a greenfield project for Magic Stone. Has to do with Nostr, web-of-trust and the idea of a global town square.</p><p>I really need to learn how to write short updates and not get all epic. 😅 </p><p><a href="https://c4.social/tags/MagicStone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MagicStone</span></a> <a href="https://c4.social/tags/nostr" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nostr</span></a> <a href="https://c4.social/tags/weboftrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>weboftrust</span></a></p><p><a href="https://davidsterry.com/blog/2023/09/the-global-town-square-is-for-everyone-not-just-blue-checks/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">davidsterry.com/blog/2023/09/t</span><span class="invisible">he-global-town-square-is-for-everyone-not-just-blue-checks/</span></a></p>
mushroom 🍄<span class="h-card"><a class="u-url mention" href="https://shitposter.club/users/Moon" rel="nofollow noopener noreferrer" target="_blank">@<span>Moon</span></a></span> I met you IRL and confirm this is a real picture of you <a class="hashtag" href="https://udongein.xyz/tag/weboftrust" rel="nofollow noopener noreferrer" target="_blank">#webOfTrust</a> <a class="hashtag" href="https://udongein.xyz/tag/web3" rel="nofollow noopener noreferrer" target="_blank">#web3</a> <a class="hashtag" href="https://udongein.xyz/tag/undisguisedmoon" rel="nofollow noopener noreferrer" target="_blank">#undisguisedMoon</a> <a class="hashtag" href="https://udongein.xyz/tag/moon_irl" rel="nofollow noopener noreferrer" target="_blank">#moon_irl</a>
Kim Sudenlehto<p><span>What kind of </span><a href="https://firefish.social/tags/Moderation" rel="nofollow noopener noreferrer" target="_blank">#Moderation</a><span> would you wish a </span><a href="https://firefish.social/tags/SocialMedia" rel="nofollow noopener noreferrer" target="_blank">#SocialMedia</a><span> service like </span><a href="https://firefish.social/tags/Mastodon" rel="nofollow noopener noreferrer" target="_blank">#Mastodon</a><span> or </span><a href="https://firefish.social/tags/FireFish" rel="nofollow noopener noreferrer" target="_blank">#FireFish</a><span> to have?<br><br>If you're familiar with </span><a href="https://firefish.social/tags/ActivityPub" rel="nofollow noopener noreferrer" target="_blank">#ActivityPub</a><span>, can it be implemented with it?<br><br>I'm specifically looking for user moderation tools for </span><a href="https://firefish.social/tags/PeerToPeer" rel="nofollow noopener noreferrer" target="_blank">#PeerToPeer</a><span> </span><a href="https://firefish.social/tags/P2P" rel="nofollow noopener noreferrer" target="_blank">#P2P</a><span> solutions where service data can't be manually moderated by a central actor. The service data would exist until it is forgotten (no one is sharing it).<br><br>Profile and post data would be saved in browser database (</span><a href="https://firefish.social/tags/IndexedDB" rel="nofollow noopener noreferrer" target="_blank">#IndexedDB</a><span>) and peer discovery would be handled by </span><a href="https://docs.holepunch.to/building-blocks/hyperswarm" rel="nofollow noopener noreferrer" target="_blank"><span>#HyperSwarm</span></a><span> or similar. The whole service would be a </span><a href="https://firefish.social/tags/PWA" rel="nofollow noopener noreferrer" target="_blank">#PWA</a><span>, requiring zero server resources beyond loading the PWA, if possible.<br><br>Currently I have this:<br>- honor thread starter </span><a href="https://firefish.social/tags/blocklist" rel="nofollow noopener noreferrer" target="_blank">#blocklist</a><span> (by hiding and not sharing those comments - individual clients could still show these and share, resulting in less effective moderation)<br>- allow thread starter to moderate their threads (don't know how to implement this, yet)<br>- allow post and comment editing (implement post version checking and automatic updates - again, a client might ignore updates or collect history, resulting in less effective moderation)<br>- profile reputation, automatic blocking based on reputation and shared blocklists, </span><a href="https://firefish.social/tags/whitelist" rel="nofollow noopener noreferrer" target="_blank">#whitelist</a><span> and shared whitelists, blocklist and shared blocklists (see above); essentially a </span><a href="https://firefish.social/tags/WebOfTrust" rel="nofollow noopener noreferrer" target="_blank">#WebOfTrust</a><span> implementation<br>- visibility controls<br>- sharing controls (for service data; by default interactions and own data would be saved locally and shared to network; data that is offline isn't reachable)</span></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload