swicg / activitypub-e2ee

Coordination of work on end-to-end encryption with ActivityPub

Revoke a client #19

Open evanp opened 2 months ago

evanp commented 2 months ago

"As an ActivityPub user, I can revoke a device or client from my instance, so I can stop any further DMs being viewable on the client if it has fallen into the wrong hands or if I decide they are not trustworthy."

Openmedianetwork commented 2 months ago

More admin responsibility, an issue for trust-based democratic self-hosting

evanp commented 2 months ago

> More admin responsibility, an issue for trust-based democratic self-hosting

One way this could work is to have one key per client (mobile app, Web app, desktop app, ...). Public keys are stored on the ActivityPub server or in a third-party key server. An authenticated user could choose a public key to revoke. It could just remove the key from storage, so it can't be discovered for future conversations, or it could replace the key with a revocation certificate of some kind.
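The two revocation options sketched in the comment above, as an added example that is not part of the thread or of any ActivityPub specification. The `KeyDirectory` class, its method names, the actor URL and the key strings are all hypothetical; the point is what a peer can learn after each kind of revocation.

```python
# Added illustration: a hypothetical in-memory key directory, not an ActivityPub API.
# Key strings and the actor URL below are constructed sample values.

class KeyDirectory:
    def __init__(self):
        self._keys = {}  # (actor, client_id) -> public key, or None once tombstoned

    def register(self, actor, client_id, public_key):
        self._keys[(actor, client_id)] = public_key

    def revoke(self, authenticated_actor, actor, client_id, tombstone=False):
        # Only the authenticated owner may revoke one of their own client keys.
        if authenticated_actor != actor:
            raise PermissionError("only the key owner may revoke")
        if self._keys.get((actor, client_id)) is None:
            raise KeyError("no active key for this client")
        if tombstone:
            self._keys[(actor, client_id)] = None   # keep a revocation record
        else:
            del self._keys[(actor, client_id)]      # plain removal from storage

    def discover(self, actor):
        """Keys a sender would encrypt to when starting a new conversation."""
        return {c: k for (a, c), k in self._keys.items()
                if a == actor and k is not None}

    def status(self, actor, client_id):
        """What a peer holding an old copy of the key can learn by asking."""
        if (actor, client_id) not in self._keys:
            return "unknown"   # removal looks the same as never registered
        return "active" if self._keys[(actor, client_id)] is not None else "revoked"


def demo(tombstone):
    alice = "https://social.example/users/alice"   # constructed actor id
    d = KeyDirectory()
    d.register(alice, "mobile", "pk-mobile")
    d.register(alice, "web", "pk-web")
    d.revoke(alice, alice, "mobile", tombstone=tombstone)
    return d.discover(alice), d.status(alice, "mobile")
```

Both modes stop the revoked key from being discovered for new conversations; only the revocation record lets a peer tell "revoked" apart from "never registered".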