State of IndieWeb Privacy was a session at IndieWebCamp SF 2014.
Notes archived from: https://old.etherpad-mozilla.org/indiewebcamp-indiepriv
When: 2014-03-07 15:30
- Paul Oppenheim http://pauloppenheim.com - no idea how this works, want info!
P3K Private Messaging
- if you hit an url, get HTTP 401, indicating auth required
- http://aaronparecki.com/ - you can sign in on homepage, doesn't do anything different unless you have been authed for the item
- bear: should not issue 401, should issue 404 so that you don't disclose information to potential attackers
- bear: should have logging of access for auditing
- Reply is just a webmention, but server would need to auth to your server; act on your behalf
- Demo: adds pauloppenheim.com to a private post
- PGP: exchange of messages (Sandeep Shetty & Aaron)
- Johannes: edge case: don't move the data, one server, family usecase
- Identity - parents may control child access, but now more often still sep ident
- Johannes: show "read" status? what if my machine reads it?
- iMessage - difference between sent to device and read by a human
- @gasull: bitmessage
- Server to server - Johannes: ideal
- There are lots of solutions for sending text and photos right now (SMS, iMessage, Google Hangouts, Instagram DMs, etc)
- This gets more interesting when talking about sharing other content types, such as a live map
- Your bank statement is available, log in to view it
- Your lab results are in, log in to view
- Aggregate credit card statements to budget on a category across multiple accounts
Out of time