OpenPGP implementation

[evanp]

In @trymeouteh says: "Here is a simple way I would like to purpose implimenting E2EE messaging in ActivityPub.

Simply by using OpenPGP. Every single account on activitypub will have a new field that is not visible to the public which is the users Public PGP Key. The instance and other instances can request any users public PGP key with an API command. If the user does not have a PGP key (Meaning the instance software does not support PGP encryption) you will not be able to send encrypted messges.

The users private PGP key will be stored on the server but will be stored with encryption by using the users password. The site admin will be unable to read any users PGP key. The private key decryption will be done client side.

When a messge is being sent to a user, these are the steps under the hood.

It requests the recipents public key
If there is a recipent public key, it sends the recipents public key to the sender
If there is a recipient public key, it encrypts the message
If there is no recipient public key, it will warn the user that this message will send unencrypted and the user can reject sending the message or continue sending the message with encryption.
The message is sent to the user"

w3c/activitypub#449

[will-a123]

I found this thread via ![email protected] and wanted to re-post my thoughts:

To get around a scenario where the server is compromised and keys get replaced by a bad actor, instances should act like a certificate authority in a SSL/TLS-like trust chain, so that each user could publish and revoke keys for different purposes. Then I might have separate keys for different groups or individual members, kind of like Google+ (remember that?) used to have “circles” and now FB has Friend List or X/Twitter has Circles.

This would create a different issue, though, of how a user should sync their keys between their different devices.