[Freedombox-discuss] Diaspora FreedomPod

Timur Mehrvarz timur.mehrvarz at googlemail.com
Sun Oct 16 11:36:10 UTC 2011 

Hi Yosem, thank you for your response. Yes, this is a complex topic.
Maybe a good opportunity to post on diaspora-dev directly.

So, can someone please take a look at my question below and let me know
what you think? I failed to mention that I read through [2] as well. An
excellent brainstorm on the matter, but it also doesn't fully consider
the individual server scenario. I think a FreedomBox+Diaspora
installation could implement the B1 case (private key stored unencrypted
on the server) without this being a problem.

All the best,
Timur

[2] https://github.com/diaspora/diaspora/wiki/Prettygooddiaspora

On 16.10.2011 13:11, Yosem Companys wrote:
> Hi Timur,
> 
> Your question is a bit above my paygrade, which is not hard considering
> that we all get paid zero dollars for our involvement... ;)
> 
> You cited a discussion from our user forum.  I would suggest that you
> ask the question either at our developers' forum
> <http://groups.google.com/group/diaspora-dev?lnk=srg> or live at our
> developers' IRC
> <http://webchat.freenode.net/?channels=diaspora-dev> chat channel.  You
> can also write the founders at your convenience at
> daniel at joindiaspora.com <mailto:daniel at joindiaspora.com>,
> ilya at joindiaspora.com <mailto:ilya at joindiaspora.com>, and/or
> maxwell at joindiaspora.com <mailto:maxwell at joindiaspora.com>.  They are
> all supportive of FreedomBox, but Ilya in particular is a FreedomBox
> evangelist ;)
> 
> What I can tell you is that one of the principles by which our
> open-source developers abide is the following:  Don't solve problems
> until they become problems.  Given that, I suspect that they would
> provide full PGP encryption when lots of people started to run Diaspora*
> on their own Freedom Boxes.
> 
> Best,
> 
> Yosem  
> 
> On Sun, Oct 16, 2011 at 3:25 AM, Timur Mehrvarz
> <timur.mehrvarz at googlemail.com <mailto:timur.mehrvarz at googlemail.com>>
> wrote:
> 
>     On 10/16/2011 11:41 AM, Yosem Companys wrote:
>     > We're inspired by Eben Moglen
>     > http://nymag.com/news/features/establishments/68512/, so our
>     > goals are consistent with FreedomBox.
> 
>     Hi Yosem,
> 
>     Diaspora* developers decided to NOT use PGP encryption, mainly because
>     Diaspora* users would NOT usually own the server they are running on. Of
>     course, people can not be advised to put their private keys on servers
>     that are not under their control [1].
> 
>     But what if lots of people start running Diaspora* on their own little
>     FreedomBoxes? How hard would it be to provide full PGP encryption for
>     these users? My own "FreedomPod" should be able to talk PGP to other
>     "FreedomPods" for which I got public keys. When talking to any other
>     Diaspora* instance, the default encryption would be used. (Which could
>     be phased out by the time everybody is running a FreedomBox. Partly
>     kidding.)
> 
>     Kind regards,
>     Timur
> 
>     [1] Pretty Good Diaspora:
>     http://groups.google.com/group/diaspora-discuss/browse_thread/thread/e9fa0db196454a19/
> 
> 
> 
> 
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

More information about the Freedombox-discuss mailing list