Boost for visibility, plz
I own the domain <fedis.net> and will freely delegate a subdomain thereof to anyone who plans to use it for hosting a fedi instance. Mail me at firstname.lastname@example.org if interested.
One per person; no obviously confusing names e.g. "mx" or "www"; no support given beyond setting NS records. Other conditions may apply but I haven't thought of them yet.
Thankfully Oracle knows what's up and has some good advice to offer for designers
I tried to submit a report about this issue to Substack but, uh
Institutional religion, especially churches, are rapidly declining in America and there is no lack for explanations from all sides -religious and secular explanations.
Yet, any explanation for why religions are declining must also be able to explain why virtually every secular social institution, like the boy scouts, the free masons, and the NAACP, are also declining in membership.
It's not just churches, people just don't know how to be a part of a community anymore.
Just happened across RFC 3043 (https://www.rfc-editor.org/rfc/rfc3043.html) describing "A URN Namespace for People and Organizations", while trying to figure out what I could possibly put in the href field for an <a rel="author" href="..."> tag, if not an actual document link. But can't find any evidence this namespace has ever actually been used. Is it even possible to get one of these?
Does anyone know an existing tool or set of tools that will allow me to generate lesser-used types of #PGP signatures, such as 0x1F (direct key signature) and 0x50 (third party confirmation), and add them to keys? I'm in an experimental mood.
A Hagrid-style server, but allowing me to upload/approve 3rd-party certs on my UIDs, would do a lot of what I want. Ideally it would verify certs server-side, so could only include them if it had the signer's pubkey as well. You'd have to let anyone upload a revocation, though, and publish it whether or not the keyholder approved. Unclear whether that could be done in a GDPR-compliant way, particularly since you'd want to retain revocations even if keyholder removed their key altogether.
I know, I know, "just use TOFU because ultimately you're going to anyway," and yeah TOFU is probably fine for any practical applications I might have, but deep in my heart I want WoT to work even though it never has
Thinking a bunch about #OpenPGP infrastructure again now that I have a current key. SKS was a mess in a lot of ways but the current alternatives seem pretty unsatisfactory. Has anyone put any serious thought into a key-distribution system that can (at least in principle) support WoT-style verification while avoiding the privacy and cruft-accumulation problems with SKS-style keyservers?
(Actually, come to think of it, junk disguised as important mail might provide some cover for _actual_ important mail, making it harder to identify and steal, but that's a pretty marginal benefit -- realistically anyone who is stealing your mail will just grab it all)
"I appreciate SDF but it's a general-purpose server and the name doesn't make it obvious that it's about art." - Eugen Rochko