+cc: foaf-protocols (feel free to drop the cc later in thread, just
wanted to link the conversations)
Interesting. I hadn't noticed RSA in Salmon.
There were some similar experiments in the FOAF community a while
back, eg. see Edd Dumbill's writeup from ~2002:
http://usefulinc.com/foaf/encryptingFoafFiles
Excerpt:
"""Next, sign and encrypt the private file with GPG, giving the key ID
with the -r option:
gpg -sea -r 6C7F734E foaf-private.rdf
This should create a foaf-private.rdf.asc file, or something named similarly.
Finally, you need to link in the new file from your existing FOAF
file. If you've read Adding people into the FOAF web, you will be
familiar with the rdfs:seeAlso way of linking files. We just use the
same mechanism, but adding some properties to describe the encryption.
Don't forget to declare the wot namespace in your FOAF file:
xmlns:wot="
http://xmlns.com/wot/0.1/"
And then add the link:
<!-- private info for authorized agents only -->
<rdfs:seeAlso>
<foaf:Document
rdf:about="
http://heddley.com/edd/foaf-private.rdf.asc">
<!-- encrypted for the #foaf community -->
<wot:encryptedTo>
<wot:PubKey wot:hex_id="6C7F734E" />
</wot:encryptedTo>
</foaf:Document>
</rdfs:seeAlso>
Add this fragment into your original FOAF file, and republish (don't
forget to re-sign!)"""
We never got beyond proof of concept with this stuff since it relied
on users/publishers (a) understanding PGP's pubkey model (b)
remembering how to use the PGP/GPG tools, (c) manually doing a lot of
publishing. Perhaps Salmon and OStatus gets around much of this.
Which leaves us with the problem of explicitly enumerating the keys of
every one in the 'permitted readers' group. When we looked at this for
FOAF I wasn't sure whether it was a bug or a feature, but if for eg. I
wanted to encrypt some data for "W3C Staff readers only", I would've
had to explicitly enumerate all the staff. And they change over time
(eg. I'm no longer W3C staff :). I lean towards seeing that as a
feature rather than bug actually.
The other aspect of this you mention is that people who want to
encrypt to millions of followers. Since effective privacy of
information drops with every new legitimate reader you add, by the
time you get past 100 or 1000 recipients (still small list compared to
millions), the information is coming close to being public. I don't
know what the largest plausible non-public group of people is;
http://en.wikipedia.org/wiki/Indian_Railways have 1.6 million
employees, but maybe don't need to send non-public memos to them all.
Stephen Fry has a comparable number of followers on twitter, and
probably similar lack of need for intimacy with them. Perhaps you
could pick a cut off and say "above that, it's effectively public, so
we'll use a special key for 'everyone'"?
Not sure where I'm going with this, but it's an interesting topic to revisit...
cheers,
Dan