For private messages do we need something special like p.o. box?

Question

For private messages do we need something special like p.o. box?

arj03 opened this issue 2 years ago · comments

Anders Rune Jensen commented 2 years ago

Right now we use:

Private messages are encrypted as box2 using using the group key slot.

Henry · Answer 1 · Wed Apr 13 2022 17:35:21 GMT+0800 (China Standard Time)

Just for reference: https://github.com/ssbc/private-group-spec/tree/v1.1.1/po-box

Anders Rune Jensen · Answer 2 · Wed Jun 29 2022 16:34:20 GMT+0800 (China Standard Time)

I think it makes the most sense to encrypt it similar to p.o. box. The distinction between group and identity is a bit fuzzy here. But would rather use group for private groups only. There is only 1 slot for that one. So doing this as a group means we can't both encrypt to a group and a fusion identity which would be a shame if we want to add the fusion identity to a group.

This requires some changes:

Add fusion identity to identity section of: https://github.com/ssbc/ssb-bfe-spec
Add a spec similar to: https://github.com/ssbc/private-group-spec/blob/master/po-box/README.md
Add the type to private group spec: https://github.com/ssbc/private-group-spec#recipient-key-derivation (key-schemes.json)

FIXME: where is 3.1 used from https://github.com/ssbc/ssb-bfe-spec#3-encryption-key-formats?