💾 Archived View for bbs.geminispace.org › u › Morgan › 1507 captured on 2024-05-26 at 17:07:21. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2024-05-10)
-=-=-=-=-=-=-
I think privacy is already well served by allowing free creation of identities and managing which sites they are used on; I was thinking more of impersonation and accidental clashes.
It feels like with identity based on certificates there might be some nice way of solving this.
For example if the browser knew the certificate behind the display name, it could notice that the "Morgan" you encounter is usually the same identity--and highlight visually when it's not. Or if I choose to use a different certificate on each site then the browser could let me know there's never a link and I can do with that what I like.
I don't see any way for that to be doable on Gemini, but maybe there's something that could achieve the same goal.
I was pondering whether you could decorate display names with hashes of the identity, like Lagrange does with site icons / colors; but that doesn't work, there's nothing to stop someone generating random certificates until the display happens to match someone else's.
2023-06-03 · 1 year ago
🐐 satch · 2023-06-04 at 01:35:
@morgan what about simple backlink verification? I see the theoretical utility of your idea but wonder if backlinks aren’t already sufficient. If a bubble-like service wanted, it could display check emojis next to profile links with backlinks
🕹️ skyjake [...] · 2023-06-04 at 04:32:
I was pondering whether you could decorate display names with hashes of the identity
Well, technically it is possible to do the equivalent of PGP signatures but using the client certificate key pair. You would have your username followed by a signed hash, and anyone who has your public key could verify that the signature is valid.
However, you'd have to use quite low-level cryptography APIs to do that in practice, and while OpenSSL will let you do it, I'm not sure how many other TLS libraries would. Any client that wouldn't support this would show ugly hashes to the user.
This would be perhaps the only way to prove your identity, but I doubt anyone wants to implement it. Might as well make an actual PGP signed message saying that, "yes, this is my account."
☕️ Morgan · 2023-06-08 at 09:37:
@satch @skyjake
I tried some things, and wrote about them :)
Domain Changed — Please note the original "geminispace.org" domain has been changed to "bbs.geminispace.org". Update your client certificate activation accordingly if you haven't already.