Notices by silverpill (silverpill@mitra.social), page 33

@hongminhee multi-valued publicKey is not widely supported. FEP-521a proposes another representation that doesn't break compatibility with existing software.

@Hyolobrika Matrix is not advertised as zero metadata secure messenger.

@Hyolobrika IIRC there was a widely shared comparison chart where Tor was marked as "supported" in SimpleX and "not supported" in Matrix and others... Anyway, if Tor is not used by default, by now they must have a huge amount of personally identifying information collected from unsuspecting users. This is hilarious. Literally a honeypot

@Hyolobrika Sounds like they are re-inventing Tor for silly reasons. That's the problem with all VC funded startups, they always try to create a "platform" to lock users in, so the software components and protocols made by open source community must be replaced with bespoke solutions.

>Until this release though, SimpleX network had no built-in protection of user transport identities - IP addresses
>To work around this limitation, many users connected to SimpleX network relays via Tor or VPN

What? I thought Tor was used by default there. So that was just another lie?

@SomeGadgetGuy Finally, a good excuse to stop interacting with Windows users

@mikedev I know, but this FEP is forward-looking because it is supposed to be a guide for developers.

However, LD Signatures are mentioned in FEP-8b32, in the History section

Finished the FEP and submitted it: https://codeberg.org/fediverse/fep/pulls/321

@raucao @laurenshof.online Sooner or later "fediverse" will be like "web3", a meaningless buzzword that startups attach to their products. The process is already underway.

@nimda Last log messages before the event might provide some insight into what happened

@mint I believe the correct procedure is described in https://swicg.github.io/activitypub-webfinger/#reverse-discovery

@mint Yes, webfinger is out of scope, and as far as I know Pleroma was vulnerable because it didn't do proper validation during reverse webfinger lookups... Is that right?
I don't know much about it. Mitra doesn't perform reverse webfinger lookups at all

@nimda Maybe I created an infinite loop somewhere, lol

Let's talk about object ownership in #ActivityPub

I'm writing a new FEP: https://codeberg.org/silverpill/feps/src/branch/main/c7d3/fep-c7d3.md

This topic is rarely discussed, but any server that doesn't implement ownership checks as described in this document is likely vulnerable to impersonation attacks.

@errhead @StevenB

>Monero or Hive will get an order of magnitude more push back than Bitcoin.

Idk about Hive, but the usual criticisms like "wastes energy" and "used only for speculation" are harder to use against Monero. My observation is that Monero is more palatable to people outside of the crypto community than most other coins. Of course, there's "used by criminals" narrative, but it also applies to secure messengers and tools like Tor.

>Have yet to find a non-crypto non-fiat micropayment system that didn't stink incredibly of scam

GNU Taler depends on fiat but still might be interesting: https://taler.net

@mondstern @frogzone Great! I'll try to add translation support, shouldn't be very difficult.

@mondstern Not yet, but this is planned:

https://codeberg.org/silverpill/mitra-web/issues/1

@frogzone

@mint @crunklord420 @NonPlayableClown @Saxophone3784 @alex FEP-c390 is implemented in Mitra, along with a migration mechanism based on it (which can work even if the original instance is down). But this migration mechanism only works for followers, and it hasn't been implemented by other projects, so it is not particularly interesting. I consider FEP-c390 deprecated (though it might be useful for other things besides migrations).

FEP-ef61 is much better because it makes all objects portable and self-authenticating. I haven't implemented it fully, it is a work in progress.

@Tadano @tadano 2.21.0 is out, notifications in Husky should work. Outgoing emoji reacts should work as well (only in Husky, not in mitra-web).

@frogzone Never heard of it.

@frogzone Used to be @dsfgs but the instance is gone. I have a cached profile though, and it points to https://www.dicksmithfairgo.com.au website