-
In looking at the ActivityStream rendition of my profile page (i.e., "application/activity+json" content-type), I noticed a PEM representation of a Public Key. -----BEGIN PUBLIC KEY----- I assume Mastodon currently takes custody of the matching Private Key, and if so, why? |
Beta Was this translation helpful? Give feedback.
Replies: 4 comments 2 replies
-
the private key is used by the mastodon server to sign http requests on your behalf |
Beta Was this translation helpful? Give feedback.
-
Okay, but I am not the owner of the keypair which is confusing based on how its presented in my ActivityStream data. Has anyone considered the following regarding the private key?
Putting items 1&2 aside, item 3 is a low cost high value enhancement re identity authenticity that uses existing open standards for PKI. |
Beta Was this translation helpful? Give feedback.
-
The security weakness is, in fact, that the server or anyone with access to the server, has access to all the user's private keys This would allow any employee, or hacker, to impersonate any user forever, and read direct or encrypted messages I very much appreciate that mastodon is a system that works. But in future, it could be a goal to allow users to take ownership of their private keys, in some way I started building something in this vein here: It's just a stub, but maybe provides some food for thought, for a pattern of server controlled identity alongside sovereign identity |
Beta Was this translation helpful? Give feedback.
-
It is not possible for any ActivityPub instance to currently provide users with the private keys used to sign server-to-server posts securely, because all major implementations currently only use a same-origin check to validate IDs created by those keys. This creates several novel vulnerabilities where User A on mastodon.social could use a private key hosted on mastodon.social to e.g. block or suppress the activities from User B on mastodon.social (these are not trivial vulnerabilities, due to the precise timing required, but they're possible) Obviously, this is not an issue if you run your own instance, since there's no other user B to attack. If you're worried about "single points of failure", I would recommend going that route, where all of your private keys are securely yours and you can use them for whatever you want. If your goal is to allow users to communicate securely, then I wouldn't suggest reusing the private keys used for communicating between servers, and I would suggest instead having a separate set of keys specifically intended for e2e encryption that the server doesn't even have access to (as implemented in the Mastodon backend, but not yet implemented in the client apps) |
Beta Was this translation helpful? Give feedback.
It is not possible for any ActivityPub instance to currently provide users with the private keys used to sign server-to-server posts securely, because all major implementations currently only use a same-origin check to validate IDs created by those keys. This creates several novel vulnerabilities where User A on mastodon.social could use a private key hosted on mastodon.social to e.g. block or suppress the activities from User B on mastodon.social (these are not trivial vulnerabilities, due to the precise timing required, but they're possible)
Obviously, this is not an issue if you run your own instance, since there's no other user B to attack. If you're worried about "single points of fa…