The Long Tail of Work Left Until ActivityPub Has E2EE
3 hours ago
- #Fediverse
- #E2EE
- #Key Transparency
- The W3C is developing end-to-end encryption (E2EE) for ActivityPub, separate from a key transparency proposal for the Fediverse.
- Three main goals are outlined: enabling E2EE messaging (Fundamental), ensuring correct encryption (Security), and verifiably authenticating user keys without central authority (Authenticity).
- Key transparency provides a decentralized root of trust by logging which ActivityPub actor controls which signing keys, addressing authenticity.
- Current direct messages lack E2EE, posing legal risks for instance hosts due to plaintext storage of sensitive content like images.
- MLS (Messaging Layer Security) implementations in various languages (e.g., TypeScript, Rust) are needed for E2EE, with post-quantum ciphersuites recommended.
- Client software must manage digital signature keys (e.g., Ed25519, ML-DSA) to authenticate MLS KeyPackages, linking to key transparency for public key verification.
- Authentication methods considered include certificate authorities, key fingerprinting, and key transparency, with a proposed traffic light protocol (green/amber/red) for user verification.
- HTTP Message Signature libraries need updates to support ML-DSA-44, and Fediverse software should adopt FEP-521a for multiple signing keys per actor.
- Adoption requires third-party assessments (cryptography audits, penetration tests) and funding for expert reviews to build trust in the implementations.
- The work emphasizes that most tasks involve general software development and collaboration, not deep cryptography, encouraging broad technical contribution.