• 2 Posts
  • 64 Comments
Joined 1 year ago
cake
Cake day: April 27th, 2024

help-circle




  • I think that at the bare minumum, the PORN<->GOV connection must not occur. How about this (simplified):

    • USER visits porn site
    • PORN site encrypts random nonce + “is this user 18?” with GOV pubkey
    • PORN forwards that to USER
    • USER forwards that to GOV, together with something authenticating themselves (need to have GOV account)
    • GOV knows user is requesting, but not what for
    • GOV checks: is user 18?, concats answer with random nonce from PORN, hashes that with known algo, signs the entire thing with its private signing key
    • GOV returns that to USER
    • USER forwards that to PORN
    • PORN is able to verify that whoever made the request to visit PORN is verified as older than 18 by singing key holder / GOV, by checking certificate chain, and gets freshness guarantee from random nonce
    • but PORN does not know anything about the user

    There’s probably glaring issues with this, this is just from the top of my head to solve the problem of “GOV should know nothing”.


  • Not sure. How about this (simplified):

    • USER visits porn site
    • PORN site encrypts random nonce + “is this user 18?” with GOV pubkey
    • PORN forwards that to USER
    • USER forwards that to GOV, together with something authenticating themselves (need to have GOV account)
    • GOV knows user is requesting, but not what for
    • GOV checks: is user 18?, concats answer with random nonce from PORN, hashes that with known algo, signs the entire thing with its private signing key
    • GOV returns that to USER
    • USER forwards that to PORN
    • PORN is able to verify that whoever made the request to visit PORN is verified as older than 18 by singing key holder / GOV, by checking certificate chain, and gets freshness guarantee from random nonce
    • but PORN does not know anything about the user

    There’s probably glaring issues with this, this is just from the top of my head to solve the problem of “GOV should know nothing”.




  • I dream of a pure information protocol. Kinda like RSS, but… More.

    • allow any piece of information (news article, DM, sensor reading,…) to be wrapped in a standard format
    • subscribe to any number of source directly or indirectly (e.g. through a self-hosted relay server)
    • allow networks to define default data sources (e.g. get sensor data from machines as soon as you are connected to corporate networks
    • make the data declare what UI elements are required,
    • but allow clients to display them however the fuck they want
    • allow user to assign priorities statically or programmatically to any source, and to filter, sort, categorize based on it

    Essentially: I want “the feed” from universes like The Expanse