Secure Post Types / End-to-end Encryption
I am really glad to see how this project gains traction again. It feels like it is the most/only active of the federated social network projects. Diaspora* helps people stay in control of the technology they are using. There are many reason why diaspora is better than its commercial competitors. However, in terms of data security, communicating through a federated network like Diaspora* is actually worse than a centralised scheme, because you have to trust every server on which you have friends. Most of the servers are inside some cloud infrastructure where it is totally unclear who has access. So i think Diaspora* should offer a way to send end-to-end encrypted posts. That way you would not need to trust any server that is transporting your message. Because end-to-end encryption is always less convenient to set up and to use, it should be optional. I think the best way to implement this would be an extra set of "secure" post types. These are encrypted by the browser of the sender with an extra public key. The private counterpart of this key would not be stored on the recipients server but in the local storage of the recipients browser. The posts would then be decrypted by the browser. The Diaspora* servers would manage the communication of public keys and their revocation. One flaw of this approach is that meta-data (sender and recipient identities) are only encrypted between the servers. This could be circumvented with an onion routing scheme, but probably not in a first iteration.