Home | Notifications | New Note | Local | Federated | Search | Logout
Federated Timeline
Magical Cat@koteisaev@mastodon.online (2026-04-15 04:23:16)
I am looking for some #localFirst solution for blog authoring what would publish (all or some) posts to an activityPub server like to a relay, with publishing of new versions of posts as updates.
And fetch new posts, comments, mentions, messages, and reactions arrive to my local-first thing as a Feed or an Inbox.
Sounds like I want "Fido with formatting and attachments" over #ActivityPub .
The #Fido part is avoid need to be "always online", but sync that few times per day when have time for it
Reply to @benpate@mastodon.social
silverpill@silverpill@mitra.social (2026-04-15 04:15:26)
@benpate You mean they are sent in an encrypted envelope? In that case I would use EmojiReact, the canonical variant. Like with content is a hack for compatibility with Mastodon, but if activities are encrypted it shouldn't be necessary.
@phnt @feld
おだら@s3_odara@mastodon.hakurei.win (2026-04-15 03:12:25)
誕生日を迎えてしまい、歳をとってしまった
Reply to @silverpill@mitra.social
Ben Pate 🤘🏻@benpate@mastodon.social (2026-04-15 02:45:47)
@silverpill @phnt@fluffytail.org @feld@friedcheese.us
Fun fact: both E2EE clients in development right now support the “content” field in likes.
I was just demoing emoji reactions this morning.
We’re going to try to include it as a MAY or SHOULD in the spec, with fallbacks for regular Likes.
Reply to @ropoko@mastodon.gamedev.place
silverpill@silverpill@mitra.social (2026-04-15 02:44:16)
@ropoko HTTP signatures and WebFinger are must have.
This guide might be useful:
https://codeberg.org/ap-next/ap-next/src/branch/main/guide.md
Reply to @phnt@fluffytail.org
silverpill@silverpill@mitra.social (2026-04-15 02:27:38)
@phnt @feld @benpate Would you accept a FEP? https://codeberg.org/fediverse/fep/src/branch/main/fep/c0e0/fep-c0e0.md
Reply to @feld@friedcheese.us
silverpill@silverpill@mitra.social (2026-04-15 02:23:14)
@feld @phnt @benpate Fair point. I usually imagine a network of small instances where spying admins are not a problem, but Mastodon is a different world.
諏訪子@suwako@sns.076.moe (2026-04-15 02:13:33)
草
---Attachments---
image: https://sns.076.moe/media/7929e0fc832d93b55f19131b34d1d9278ad9d57bba778b59450ccacca29997b5.png
image: https://sns.076.moe/media/cd4871a8a353428e3ed32ad6c223de77a990a8bf1dba5decbf8e15fee1e7ce5b.png
Reply to @silverpill@mitra.social
Phantasm@phnt@fluffytail.org (2026-04-15 01:38:56)
@silverpill @feld @benpate Because the way Matrix does it is kinda flawed and makes inserting malicious devices easy-ish. OMEMO is the second extreme they can go to.
This ActivityPub becoming a kitchen sink protocol is getting really weird. First it was trying to make C2S usable and now E2EE barely anybody asked for. When are we going to get emoji reactions standardized?
Reply to @silverpill@mitra.social
feld@feld@friedcheese.us (2026-04-15 01:37:36)
@silverpill @phnt @benpate harder to target users on your own homeserver when you don't have a public timeline where you can spy on your users to pick a victim based on their public posts/profiles.
most of the activity on Matrix is private or at least in group chats. The fediverse is public by default.
Reply to @feld@friedcheese.us
silverpill@silverpill@mitra.social (2026-04-15 01:34:54)
@feld @phnt @benpate It doesn't seem to be an issue in the Matrix ecosystem where people often self host web clients.
Reply to @phnt@fluffytail.org
feld@feld@friedcheese.us (2026-04-15 01:29:09)
@phnt @benpate good question. I think the reality will be more like
- flawed implementation, terrible rollout
- Mastodon and maybe Pixelfed support it (seems like something dansup would jump on)
- all the logic has to be in the client (or frontend)
alright. Now we've got an app store with a ton of shady looking fedi clients (we're that popular guys).
How long before any of those are modified to exfiltrate your keys? How long before the first incel server admin that wants to spy on some female account so they backdoor the FE to steal their keys next time they login?
As soon as one of those events happens, now trust is gone. So Mastodon has to restrict access to this feature to the official Mastodon app and the official Mastodon servers.
UHOH SPAGHETTI-O
Reply to @benpate@mastodon.social
silverpill@silverpill@mitra.social (2026-04-15 01:28:01)
@benpate As somebody who also thought about E2EE (MLS was my suggestion), I can confidently say that SWF spec didn't add much to the discussion. That's not surprising, because to do that one needs to actually start writing code.
Gary@gary@pottering.uk (2026-04-15 01:24:14)
My technical know-how falls short by a long way and I'm having a little trouble figuring out whether I get what I want from the Fediverse. By my limited understanding AT Protocol allows for a 'nomadic' id/datastore (PDS) but with ActivityPub, the nearest we get to that is by having your own instance of an app of your choice and plugging it in/out of other peoples, but your data can only really live in *your instance of *that app??
#Fediverse #atproto #ActivityPub #Data #Identity #PotteringAbout
ジエンP@gientoP@social.mikutter.hachune.net boosted:
@rio@kawane.misskey.online (2026-04-15 00:15:04)
JAPANESE PLOVER (Stenography; a way to type stupidly fast using a specialized keyboard) IS HERE!? OH MY NISABA FINALLY!!!
https://note.com/jeebis_keyboard/n/nf5ec466bd37a?after_purchase=true&scrollpos=tip
Reply to @deutrino@mstdn.io
silverpill@silverpill@mitra.social (2026-04-15 01:10:24)
@deutrino @benpate Of course not. The first thing their new CEO did in his introduction post was to memory-hole a bunch of projects.
Reply to @phnt@fluffytail.org
silverpill@silverpill@mitra.social (2026-04-15 01:02:49)
@phnt @benpate These censorship/moderation tools are likely a part of their mainstreaming strategy. They want big orgs, including governments, to host Mastodon instances. The same playbook is used by Matrix.
So I don't think it's a threat, just another brick in the wall separating Mastoverse and the rest of the network.
Reply to @silverpill@mitra.social
Ben Pate 🤘🏻@benpate@mastodon.social (2026-04-15 00:46:34)
@silverpill SWF built the original spec that we're building to. They did a TON of research and groundwork ahead of time.
I'll just have to graffiti Wikipedia myself.
Reply to @silverpill@mitra.social
deutrino@deutrino@mstdn.io (2026-04-15 00:44:54)
@silverpill @benpate it really seems nothing has changed after the recent reorganization.
Reply to @feld@friedcheese.us
Phantasm@phnt@fluffytail.org (2026-04-15 00:41:27)
@feld @benpate I wonder what Soatok thinks of this after trying for years to wedge E2EE into ActivityPub. But ultimately, they went the easy route and chose MLS and AP as a dumb transport protocol.
They probably won't bother with proper key management and instead make it device-to-device, or copy the way OMEMO does it. Maybe with only publishing a new public key being possible by approving it from a device with an already published key.
I don't think any of this matters anyway as the whole concept is kinda useless when you already have 10+ secure messaging apps at your disposal.
Reply to @phnt@fluffytail.org
feld@feld@friedcheese.us (2026-04-15 00:32:06)
@phnt @benpate
> E2EE
> Fediverse
Complete and utter bullshit. Explain how they manage private keys. Not gonna happen. Their document skips this step and only discusses how to discover public keys. They're waiting until the last minute to solve this piece because it's the hardest part. How can you securely distribute them across every browser/session and app that people use to access Mastodon etc? If they were gonna copy Matrix's SSSS they'd have mentioned it
https://github.com/swicg/activitypub-e2ee/blob/main/architectural-variations.md
Reply to @benpate@mastodon.social
silverpill@silverpill@mitra.social (2026-04-15 00:30:00)
@benpate I wouldn't count on that.
In the announcement Mastodon team credits SWF for work on E2EE, not the people doing actual research. That's part of the deal.
川音리오@KawaneRio#8706@rio@kawane.misskey.online (2026-04-15 00:15:04)
JAPANESE PLOVER (Stenography; a way to type stupidly fast using a specialized keyboard) IS HERE!? OH MY NISABA FINALLY!!!
https://note.com/jeebis_keyboard/n/nf5ec466bd37a?after_purchase=true&scrollpos=tip
Reply to @phnt@fluffytail.org
silverpill@silverpill@mitra.social (2026-04-15 00:01:37)
@phnt @mirq I think the best option is local-first with mirroring to several hosts on different networks (Tor and clearnet, for example).
蒼樹甘楽になりたい@Gigantic_Thor@misskey.io (2026-04-14 23:58:41)
はじめてのモノクロマンガ(やっつけ)
---Attachments---
image: https://media.misskeyusercontent.com/io/webpublic-7b34919c-de43-437e-b590-a5443ccd7870.png
コハタ ヤスマサ@y_kohata_@misskey.io (2026-04-14 23:52:09)
これはよくやる手法なんですけど、
明朝体に細い縦線を1本入れるだけで、手軽にゴシック調のような雰囲気を持たせることができて好きなんですよね
---Attachments---
image: https://media.misskeyusercontent.com/io/b097ca81-0324-4102-872f-043736f6d94b.jpg
Reply to @benpate@mastodon.social
Ben Pate 🤘🏻@benpate@mastodon.social (2026-04-14 23:38:31)
Whenever they write the Wikipedia article about E2EE, I just want a footnote in there...
#Mastodon was the artillery, the big guns that made the difference. #Bonfire and #Emissary were the special forces recon teams that made it possible.
にせねこ@nixeneko@nixeneko.info (2026-04-14 23:33:29)
言語は母語話者のものだし再興させるのも廃れさせるのも外野がどうかうできるものではない、記録すること位はやっておきたいところだが…
にせねこ@nixeneko@nixeneko.info (2026-04-14 23:28:38)
多様性を維持したまま廃れるか、多様性を排除しつつ生き残るか、どっちがマシか
にせねこ@nixeneko@nixeneko.info (2026-04-14 23:26:14)
「標準語」はある種の人工言語であるが、「標準語」を話すと言ってる人でも実際に話すのは「標準語」と親または地域の方言とのin-betweenのバリアントなんではって気もする
Older Notes