Comment by bullen
5 hours ago
I would say:
1) Use HTTP (secure is not the way to decentralize).
2) Selfhost DNS server (hard to scale in practice).
3) Selfhost SMTP server (also tricky).
4) Know and backup your router (dd-wrt or iptables).
JSON over HTTP is the way.
XML is not bad for certain things too; even if I understand the legacy of abuse.
> Use HTTP (secure is not the way to decentralize).
This doesn't seem like useful advice. If you're going to use HTTP at all there is essentially zero practical advantage in not using Let's Encrypt.
The better alternative would be to use new protocols that support alternative methods of key distribution (e.g. QR codes, trust on first use) instead of none.
> Selfhost DNS server (hard to scale in practice).
This is actually very easy to do.
Let's Encrypt is not part of our friends here.
DNS is easy for yourself, but if you host it for others (1000+ of people) and it needs to have all domains in the world, then it becomes a struggle.
Let's Encrypt is a non-profit that defeated the certificate cartel. The main thing you get from using HTTP without it is bad security.
DNS can answer thousands of queries per second on a Raspberry Pi and crazy numbers on a single piece of old server hardware that costs less than $500.
1 reply →
There are bridges for Matrix (JSON)-ActivityPub (XML), one in Elixir: https://github.com/technostructures/kazarma/
1) so how do you validate the http the client receives is the http you sent?
Validate it yourself with hashing and PKI. Yes, it needs bootstrapping, just like centralized HTTPS needs bootstrapping.
Wow, thanks!
Also if people need more food for (decentralized) thought:
https://datatracker.ietf.org/doc/html/rfc2289