![]() The plugin itself shouldn’t need any configuration option, since all the entries in the json configuration to be sent to Keybase can be computed from the Discourse settings. If the wrong user is logged in, I’ll display an error message. If no user is logged in, I’ll redirect to the login page, possibly with the username prefilled in the login overlay. This page should only be visible if the Discourse user to be associated is the one that’s currently logged in. I didn’t look at examples from other sites but I think that it should be pretty easy and simple. I think the only “full page” I need is the one for the prefill_url endpoint (the one that will show the association between the Discourse and the Keybase user). I will implement it as a plugin (I already have a GitHub repo at etamponi/discourse-keybase-proofs-plugin, it’s empty for now since I didn’t push my experiments yet). ![]() ![]() This is what I am planning to do (feel free to suggest changes!): I am writing a plugin to implement this Since it’s my first attempt, I’d love some guidance. So again, please note that Keybase is now easy to integrate with, and that it solves problems that other solutions aren’t even planning to address. The UI clearly explains that if she forgets this secret she will NEVER have access to her encrypted messages anymore Next, the RFC for Discourse Encrypt which notes that they also don’t plan to properly address the multiple device or loss-of-key issues that Keybase is designed to get right: Sam, would there be any way to extend this functionality to a category/threads (and allow by groups?)Ībsolutely not, this is not in scope and not planned even 3 iterations out. Next up, on the current Discourse Encrypt project Note that Keybase solves this by having native clients for many platforms. People hosting the service, web browser caches on local comp… Treat the info you have on Discourse as potentially leaked, there are just too many vectors. I second what was said here, you want something like keybase or signal for secure comms, you have to invest in training here. This means that the software used to encrypt and decrypt stuff should not be sent from the discourse server. ![]() The underlying issue is that you can not trust the server if you want truly secure messaging between members. ![]()
0 Comments
Leave a Reply. |