I had a crazy idea

18 views
Skip to first unread message

Evan Prodromou

unread,
Apr 16, 2010, 8:02:18 PM4/16/10
to ostatus
So, one of the things we don't have in OStatus is privacy. Your
updates that go out are visible to the entire world. For some people,
that's not acceptable.

I had a crazy idea of how we could handle this.

For status updates that are "private", we could use encryption. Since
we have RSA keys for every OStatus participant (we need 'em for
Salmon), we could do the same little trick that PGP does. That is, we
encrypt the notice with a one-time key, and then encrypt that key for
the keys of each follower.

So the outgoing atom entry would have something like:

<content type="application/rsa-encrypted-blob">
bzzzztttt bbzzzzzzzt line noise bzzzzttt phhhptttttt
</content>
<ostatus:key for="ev...@status.net">morelinenoise</ostatus:key>
<ostatus:key for="ja...@status.net">bbzzzzttttpphhhh</ostatus:key>

There are a few problems with this. First, if you have a million
followers, it's going to be a REALLY big message.

Second, it's exposing all your followers to each other. I don't know
if that'd be a requirement of privacy, but it's at least interesting.

Anyways, wanted to get that out.

-Evan


--
Subscription settings: http://groups.google.com/group/ostatus-discuss/subscribe?hl=en

tyler gillies

unread,
Apr 17, 2010, 2:11:59 PM4/17/10
to ostatus...@googlegroups.com
I was just talking about doing this very same thing with someone the other day, but using twitter and putting encrypted message into annotations
--
Everyone Loves Tea
http://www.everyonelovestea.com

Tom

unread,
May 17, 2010, 5:39:52 AM5/17/10
to ostatus
The sad thing is that you call it a crazy idea. All these open specs
are missing privacy bigtime. I am totally not interested in sharing
everything in public. I just want to share with my friends and be sure
only my friends can see it. One of the reasons Facebook is so big is
because all the open standards that might compete with it are done by
exhibitionists (that was a bit harsh, but you get the idea)
I think the Diaspora guys and Eben Moglen are on the right track.
There is no reason why communication shouldn't be encrypted. And
people really need to (learn how to) use GPG.

But encrypted OStatus is a great idea and I really hope there will be
something usable at the end of the year.

Cheers,

- Tom -

Dan Brickley

unread,
May 17, 2010, 6:16:04 AM5/17/10
to ostatus...@googlegroups.com, foaf-pr...@lists.foaf-project.org
+cc: foaf-protocols (feel free to drop the cc later in thread, just
wanted to link the conversations)
Interesting. I hadn't noticed RSA in Salmon.

There were some similar experiments in the FOAF community a while
back, eg. see Edd Dumbill's writeup from ~2002:
http://usefulinc.com/foaf/encryptingFoafFiles

Excerpt:

"""Next, sign and encrypt the private file with GPG, giving the key ID
with the -r option:

gpg -sea -r 6C7F734E foaf-private.rdf
This should create a foaf-private.rdf.asc file, or something named similarly.

Finally, you need to link in the new file from your existing FOAF
file. If you've read Adding people into the FOAF web, you will be
familiar with the rdfs:seeAlso way of linking files. We just use the
same mechanism, but adding some properties to describe the encryption.

Don't forget to declare the wot namespace in your FOAF file:

xmlns:wot="http://xmlns.com/wot/0.1/"
And then add the link:

<!-- private info for authorized agents only -->
<rdfs:seeAlso>
<foaf:Document
rdf:about="http://heddley.com/edd/foaf-private.rdf.asc">
<!-- encrypted for the #foaf community -->
<wot:encryptedTo>
<wot:PubKey wot:hex_id="6C7F734E" />
</wot:encryptedTo>
</foaf:Document>
</rdfs:seeAlso>
Add this fragment into your original FOAF file, and republish (don't
forget to re-sign!)"""


We never got beyond proof of concept with this stuff since it relied
on users/publishers (a) understanding PGP's pubkey model (b)
remembering how to use the PGP/GPG tools, (c) manually doing a lot of
publishing. Perhaps Salmon and OStatus gets around much of this.

Which leaves us with the problem of explicitly enumerating the keys of
every one in the 'permitted readers' group. When we looked at this for
FOAF I wasn't sure whether it was a bug or a feature, but if for eg. I
wanted to encrypt some data for "W3C Staff readers only", I would've
had to explicitly enumerate all the staff. And they change over time
(eg. I'm no longer W3C staff :). I lean towards seeing that as a
feature rather than bug actually.

The other aspect of this you mention is that people who want to
encrypt to millions of followers. Since effective privacy of
information drops with every new legitimate reader you add, by the
time you get past 100 or 1000 recipients (still small list compared to
millions), the information is coming close to being public. I don't
know what the largest plausible non-public group of people is;
http://en.wikipedia.org/wiki/Indian_Railways have 1.6 million
employees, but maybe don't need to send non-public memos to them all.
Stephen Fry has a comparable number of followers on twitter, and
probably similar lack of need for intimacy with them. Perhaps you
could pick a cut off and say "above that, it's effectively public, so
we'll use a special key for 'everyone'"?

Not sure where I'm going with this, but it's an interesting topic to revisit...

cheers,

Dan

James Walker

unread,
May 19, 2010, 10:46:41 AM5/19/10
to ostatus...@googlegroups.com
Hey Tom,

I just wanted to drop a quick note (as I'm getting caught up on
mailing lists I'm behind on) - and say that I think the "crazy" in
Evan's idea is very much tongue in cheek.

We are actively pursuing how best to incorporate privacy into both
StatusNet as well as OStatus. We've discussed OStatus with the
Diaspora team and look forward to having them as adopters.

As Evan mentioned - by implementing & supporting Salmon we already
have RSA keys for each user (so users don't need to generate / manage
keys), and we're doing a lot of brainstorming about how best to
utilize them to provide private messages / streams.

Stay tuned - and feedback, suggestions and wild ideas are absolutely welcome :-)

James
--
James Walker :: http://walkah.net/
Reply all
Reply to author
Forward
0 new messages