Oddbean new post about | logout
8b278ad8 | 1 years ago (raw) | root | parent | reply | flag 
 Yes, reading the spec there seems to be a missunderstanding about how the distribution of encrypted messages works. 

You can't revoke access to something once you've distributed it over a decentralized network. 

A better solution would be to use your Nostr signing key to gain access to a session where the information is then sent to your computer. Then you can revoke access to the signing key at a later date if you need to do that.
RavensReach | 1 years ago (raw) | root | parent | reply | flag +1 
 Can there not be time bound key access?
RavensReach | 1 years ago (raw) | root | parent | reply | flag 
 Isnt that already an issue with any info?
8b278ad8 | 1 years ago (raw) | root | parent | reply | flag 
 Yes, you are right, it is the issue with any info. 

So you can encrypt a message to a pubkey, or encrypt a message to a shared key, but you cannot revoke access to that data after. 

The only way around this is to link to some centralized service where the data is stored, and even then people can take photos and/or copy and paste the data.
RavensReach | 1 years ago (raw) | root | parent | reply | flag 
 So since thats never going to change, fuck it. Stay centralized  with others controlling your data is your answer?
8b278ad8 | 1 years ago (raw) | root | parent | reply | flag 
 The answer is to use encryption and assume that the data will be decrypted by the people in possession of the keys and once that happens the data cannot be taken away.

If you're trying to give someone a file, and then revoke access later, then you need to have a centralized system with a login. Even then you cannot stop them from copying the file via other means.
RavensReach | 1 years ago (raw) | root | parent | reply | flag 
 This sounds like the current system, which is terrible 😐
8b278ad8 | 1 years ago (raw) | root | parent | reply | flag 
 Yes, you are right, it is the issue with any info. 

So you can encrypt a message to a pubkey, or encrypt a message to a shared key, but you cannot revoke access to that data after. 

The only way around this is to link to some centralized service where the data is stored, and even then people can take photos and/or copy and paste the data.
RavensReach | 1 years ago (raw) | root | parent | reply | flag 
 So since thats never going to change, fuck it. Stay centralized  with others controlling your data is your answer?
8b278ad8 | 1 years ago (raw) | root | parent | reply | flag 
 The answer is to use encryption and assume that the data will be decrypted by the people in possession of the keys and once that happens the data cannot be taken away.

If you're trying to give someone a file, and then revoke access later, then you need to have a centralized system with a login. Even then you cannot stop them from copying the file via other means.
RavensReach | 1 years ago (raw) | root | parent | reply | flag 
 This sounds like the current system, which is terrible 😐
RavensReach | 1 years ago (raw) | root | parent | reply | flag 
 Ok I can understand this point