Edit security
This commit is contained in:
parent
2695fe1cac
commit
106225cfc8
|
@ -1,14 +1,23 @@
|
|||
### Security
|
||||
|
||||
Designing for public communication requires less focus on privacy than more intimate social applications. However, privacy for user metadata is still important, and private direct messaging is a feature that may need to be supported.
|
||||
Designing for public communication requires less focus on privacy than social applications designed for close social circles. However, privacy for user metadata is still important, and private direct messaging is a feature that may need to be supported.
|
||||
|
||||
Some e2e messaging encryption options:
|
||||
Many decentralized social applications that include direct messaging use e2e encryption to preserve the privacy of messages.
|
||||
|
||||
- Noise protocol
|
||||
- Matrix - [End-to-end encryption guide for Matrix clients](https://matrix.org/docs/guides/end-to-end-encryption-implementation-guide)
|
||||
- ActivityPub - Mastodon is [adding e2e encryption to ActivityPub](https://github.com/tootsuite/mastodon/pull/13820). Previously, messages were unencrypted on the server.
|
||||
- Ssb - Ssb, as a p2p protocol, included [e2e encryption for direct messages](http://scuttlebot.io/docs/basics/encryption.html) from the start, so that unencrypted messages would not be passed around the network.
|
||||
|
||||
Some more e2e messaging encryption options:
|
||||
|
||||
- [Noise protocol](http://www.noiseprotocol.org/), used by WhatsApp
|
||||
- [Messaging Layer Security (MLS)](https://messaginglayersecurity.rocks/)
|
||||
|
||||
### Access Control
|
||||
|
||||
Different levels of access to user data can be controlled through server permissions on federated systems. In p2p systems, access control must be implemented through cryptographic permissions, or access control lists.
|
||||
|
||||
Object capability security authorization system
|
||||
Object capability security authorization systems:
|
||||
|
||||
- [Adding object capabilities to ActivityPub](https://gitlab.com/spritely/ocappub/blob/master/README.org)
|
||||
- Peergos provides [capability-based access control](https://github.com/Peergos/Peergos) for files on top of IPFS
|
||||
|
|
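Review bot: the "used by WhatsApp" qualifier on the new Noise bullet, under "Some more e2e messaging encryption options", does not say which layer Noise protects and so reads as if WhatsApp's message e2e encryption were Noise. WhatsApp's published design uses Noise for the client-to-server channel and the Signal protocol for end-to-end message encryption, so either drop the qualifier, reword it to "used by WhatsApp for client-server transport", or list the Signal protocol as its own entry. The same applies to the ActivityPub bullet: it links an open pull request, so "is adding" and "Previously, messages were unencrypted on the server" will go stale, and wording such as "a proposal to add e2e encryption" would age better. Style points: the Noise and Ssb links are plain `http://` and should use `https://` where the sites serve it, and "Ssb" is usually written "SSB".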